As said in another comment of mine, putting a generic "hey I might be wrong" at the end is pure fluff. Stick to what you believe in, you are not in front of a court.
Case in point: the Hanlon's Razor mention definitely did mislead me in terms of your stance.
I found it ambiguous, nothing more. And I expressed an opinion to which half I subscribe to. Maybe that's valuable feedback for you as a writer, maybe it's not.
In any case, no hard feelings were intended anywhere.
The situation is (slightly) ambiguous. It looks like a backdoor. Anyone competent writing that code would be doing so because they wanted the backdoor. But there's no reason to assume Telegram's authors are competent unnecessarily, and competence in UI design doesn't imply competence in security. And it's also a rather obvious-looking backdoor, anyone competent would presumably try to hide it better. Then again, the NSA backdoor in Dual-EC-DRBG was pointed out before anyone started using the spec and not that well hidden, and the NSA are generally considered competent.
Oh, I am not firmly claiming that it's not a backdoor. It very well might be!
But that's what mostly what I was saying (granted, I got worked up at one point because the blind stereotyping puts a black mark on HN's reputation in my eyes) is that indeed the situation is ambiguous and both possibilities are [mostly] equally likely.
The author is saying "maybe things that look A WHOLE LOT like malice are actually incompetence". It's pretty clear that he thinks it's a backdoor, even though he basically says "maybe in actually wrong, but I really don't think so".
Oh, please, this is not a math inequality where we compare with numbers. It is plain to any English speaker that what was written in the article and how you represented it differ significantly in the confidence that they communicate. As such, your continued insistence that there is no major difference between the two comes off as extremely poor faith.
Hanlon’s Razor says to never assume malice where stupidity suffices as an explanation. The only way I read this sentence is to say that Hanlon’s Razor applies here, in-spite of how malicious the bug looks.
Same for me. While others argue that it's "obvious" that the author believes much more strongly that this find is a backdoor and not a dumb mistake (a very easy one to make for a non-cryptographer programmer), I am still unconvinced.
Would be curious to read a statement from Telegram's team though -- not that any team would ever admit to putting a backdoor...