[FDSGSG]

>All they did was not invent the best encryption in the world.

They shipped a backdoor. It's pretty clear that Telegram is actively malicious. They haven't been caught again? They probably realized that the front door of not encrypting chats was sufficient.

>The author himself admits it's much more likely this was an amateurish mistake than some man-in-the-middle conspiracy

This is not at all what the author is saying.

[pdimitar]

> Anyway, it’s been a while, the world is a different place now, and maybe Hanlon’s razor cuts deeper than I thought.

Unless you have another interpretation of the Hanlon's Razor, it seems that he is saying this is a mistake and not a backdoor.

> They shipped a backdoor.

Did they? Might be. I am 50/50 about it, people do dumb mistakes with self-rolled crypto all the time and that's a sad reality. But who knows, it might be the first try to embed a backdoor.

My point is: being too sure one way or the either makes you biased. I err on the side of incompetence but I am open to the possibility that it was a first sloppy attempt at backdooring Telegram. Sadly we have no proof of either, so we speculate based on what's available.

[StavrosK]

If someone says "so this guy killed himself with three shots in the back, but maybe that's a common method of suicide" doesn't mean you think it's suicide. It's a turn of phrase to accentuate how much you don't think it was suicide.

[pdimitar]

I suppose I missed his sarcasm then. Happens pretty easily over text.

As said in another comment, I am no cryptography expert. I simply argue against the very visible negative bias against Telegram which is accentuated even more by very childish snarks on almost any Telegram HN thread. That gets to me and it's not how HN should be.

I never argued that my opinion is a fact. I said how I arrived at my opinion and debate with people whether that's plausible or not [based on limited info]. The rest can be proven/rebuked by specialists.

[FDSGSG]

Have you considered that perhaps Telegram deserves that negative bias due to their own behavior?

[pdimitar]

I would consider it... if I ever see any other criticism in HN besides "they don't have massively peer- and pro-reviewed encryption" and very childish snark with zero facts interspersed.

What's this "Telegram behaviour"? Seriously, enlighten me -- this is not a snark. I've been following HN Telegram threads for a long time and I've only seen the two things I mentioned above.

It's really puzzling, especially in a world where a ton of very public and everyday software has much more flaws than Telegram. The whole very directed and non-HN-esque hate towards it does stands out.

[FDSGSG]

Telegram positions itself as a secure messenger but does not encrypt most conversations, that's simply dishonest on their part. Until they start to clearly communicate to their users that "Hey! This conversation is not encrypted" they deserve nothing but negativity.

Multiple official Telegram clients do not even support the "secret chats".

Right from their own website https://telegram.org/

>Private

>Telegram messages are heavily encrypted and can self-destruct.

This is a lie.

>Secure

>Telegram keeps your messages safe from hacker attacks.

This is a lie, you can even pull someones telegram message history by sim swapping them FFS.

[FDSGSG]

>Unless you have another interpretation of the Hanlon's Razor, it seems that he is saying this is a mistake and not a backdoor.

It just sounds like the author simply doesn't want to get sued, after all it's generally impossible to prove that a backdoor is actually a backdoor.

>people do dumb mistakes with self-rolled crypto all the time

I've seen a plenty of those, this one just happens to look rather different than the typical implementation mistakes you see. There's no possible reason for this code to exists except to allow Telegram to decrypt secret chats.

In the end, we've got nothing to gain and a plenty lose by giving Telegram the benefit of the doubt.

[pdimitar]

Well, sure. It's very possible indeed. I am still wondering why though -- Durov fled Russia, settled in UAE and then backdoored Telegram? Don't know. If a conspiracy becomes too complex then we all know what the other razor law says, right (Occam's)?