[theonewolf]

Perhaps because the attacks/exploits were more against the device/OS and not against the app itself?

It is unsurprising that text can be found unencrypted in memory---even while during rendering it has to be decrypted somewhere.

The only mildly surprising/troubling thing was unencrypted data stored in the file one disk on the phone.

[chatmasta]

I think at this point we are getting into the semantics of what qualifies as a "vulnerability." I agree there's very little telegram can do about this, but that doesn't lessen the validity of the attack. At the very least, they could respond to the bug report. To ignore it seems highly unprofessional.