[testing12341234]

The easiest to understand response to this question that I've seen so far is from this comment [0]:

The contest limitations rule out most of the likely attack vectors for breaking the protocol in the real world. It's like saying "Our bank vans are 100% secure. Just try stealing money from them without puncturing our tires or bribing one of our employees."

[0] - https://news.ycombinator.com/item?id=6936949

[simias]

In particular none of the attacks described in TFA (Known Plaintext, Chosen Plaintext and Chosen Ciphertext) are possible within the frame of their contest (since Telegram controls all inputs).

Yesterday someone blogged an example of a completely broken cryptosystem that would still pass Telegram's challenge with the same limitations: http://www.thoughtcrime.org/blog/telegram-crypto-challenge/

[StavrosK]

That's Moxie Marlinspike, developer of TextSecure.

[Beltiras]

With a very valid challenge.

[raverbashing]

It may even be possible to factor the RSA Key

More to the point, KPA,CPA, etc are very important, and systems should be definitely tested against them, but in real attacks, they may not be available