[fidz]

Well,

> To protect the data that is not covered by end-to-end encryption, Telegram uses a distributed infrastructure. Cloud chat data is stored in multiple data centers around the globe that are controlled by different legal entities spread across different jurisdictions. The relevant decryption keys are split into parts and are never kept in the same place as the data they protect. As a result, several court orders from different jurisdictions are required to force us to give up any data.

https://telegram.org/faq#q-do-you-process-data-requests

If we register Telegram, Telegram has our master key. I am not sure they are really that secure. Yes, it makes politically hard to disclose any data, but it does not mean impossible.

[jchw]

Telegram also supports proper E2E in the form of secret chats, though the UX is definitely not as good (for example, last I checked it did not support group chat or multi device.)

[cies]

EDIT: Was under the impression Telegram served closed source clients. Turns out it does not. I stand corrected.

OLD COMMENT:

E2e using a client that is not opensource (on a system that is not trusted) is not helping much.

E2e where the server is not open source should be okay, because the server-end can only snoop on some meta data (how much, when, what IP, chunk sizes, etc.) but not the content.

[jchw]

The Telegram clients are open source.

[cies]

oops. i'll fix it. tnx for pointing out.