[nine_k]

Last time I checked, the entire client codebase of Telegram was open source, and encryption happens on the client.

Of course, all the metadata are visible to Telegram servers, because they handle authorization and discovery. But not the communication content.

What am I missing?

[f1refly]

The new and shiny TelegramX client all of my friends are using is only available as closed source binary. Also their encryption is open, that's true, but they implemented their own algorithms with blackjack and hookers and noone is really sure how secure it really is iirc. Additionally, encrypted chats aren't even the default, single-end to single-end and not available on desktop.

I still use telegram because I deem it better than whatsapp, but the security sucks nonetheless.