[embik]

Uhm, yes, you're absolutely right, I have missunderstood you and I absolutely agree with what you're saying. An open client with a secure encryption is always preferred, but I doubt we will see Telegram become that one because they have been ignorant to people pointing out flaws before.

> but Whatsapp might very well be simply MITM-ed by Facebook

As long as you're not inspecting the binaries you use for Telegram (or build the applications by yourself) however, you can't guarantee it's not MITM-ed by someone either. Maybe you do, but most users certainly do not. When downloading the Telegram app from Google Play, there is not much difference to the WhatsApp app. You're basically trusting small groups that they provide the "real" binary to you. Not much of a difference to trusting Moxie's words, is it?

Link 0 was to remind you of the link I posted before and the other links might not provide specific (or effective) attacks, but they point out flaws in Telegram's protocol (1,2,3) and the way they test / value the strength of their encryption (4). More flaws are very much plausible for a homebrew crypto solution.