Telegram founder touts his moral values, but misses the topic of end-to-end encryption

Pavel Durov, founder of Telegram, spoke for the first time since the start of the war. While the use of the application is questioned for security reasons, the interested party fails to enter the subject of end-to-end encryption.

This is his first public speech since the start of the war in Ukraine. Pavel Durov published a message on his Telegram account on March 7 which intends to respond to a concern that has emerged for several days with the Russian invasion: is it reasonable to use Telegram, especially in Ukraine, when there is no there is no end-to-end encryption?

For the founder of Telegram, this debate is somehow irrelevant. And to attest to this, the person concerned has put forward his moral values: he claims to have never delivered data to Russia on Ukrainian Internet users. It is because he opposed the FSB, moreover, that the trouble arrived, he observes. The FSB is Russia’s internal intelligence service. The ex-KGB.

I refused to comply with these demands, as it would mean a betrayal of our Ukrainian users. After that I was fired from the company I founded and was forced to leave Russia writes Pavel Durov. And if he had to do it again, he would do it again without hesitation », evoking the events at the turn of the years 2013 and 2014, despite the loss of his company and his home.

Pavel Durov speaks for the first time since the invasion of Ukraine on February 24. // Source: Kyiv City

Pavel Durov claims that at the time, the FSB observed Ukrainian internet users protesting against then pro-Russian President Viktor Yanukovych — who faced fierce opposition in 2014 when he chose to stand closer to Russia than to the European Union. The sling was such that he had to go into exile in Moscow.

When I challenged their demands, the stakes were high for me. I was still living in Russia, and my team and my old company were also based there. Many years have passed since then. Many things have changed: I no longer live in Russia, I no longer have any companies or employees there. “, Continues the one who took refuge in Dubai.

His message, however, does not contain any strong announcement for the future of Telegram’s security: certainly, Pavel Durov swears that he will continue to defend the members of the instant messenger “ whatever happens “, arguing that ” their right to privacy is sacred “. Great. But this commitment does not translate into concrete action.

A missed opportunity for Telegram

And that’s probably where the shoe pinches. Internet users need neither lyricism nor promises. They need effective and verifiable measures. Certainly, Telegram offers end-to-end encryption, but not by default: it is an option, which must be activated to have a secret and totally secure chat. WhatsApp and Signal have taken the plunge, Telegram not.

We must rely on the assurances of the founder of Telegram. But at a time when war is raging in Ukraine and the mobile application is widely used in the country, this is necessarily insufficient. The status quo has been denounced by Moxie Marlinspike, a hacktivist and cryptographer behind the Signal application, who believes that there is in fact a real security risk.

Telegram founder touts his moral values, but misses the topic of end-to-end encryption
Telegram offers end-to-end encryption as an option. // Source: Nino Barbey for Numerama

The absence of end-to-end encryption by default in Telegram turns out to be a deliberate choice by the management, in order to be able to graft heaps of functionality into the application. By being as strict as WhatsApp or Signal, the app would no longer be able to provide certain services. And it was Pavel Durov who himself put forward this reason.

The minority […] who wants to maximize security at the expense of user-friendliness is welcome to use secret chats on Telegram […]. But we’re not going to cripple Telegram by throwing away dozens of its features. […]. Or for people too lazy to start secret chats when they think they need them. “, he launched in 2021.

Under these conditions, nothing should change as it stands: there is no question of changing approach, despite the war and the legitimate uncertainties about the security of communications. Guidance on application design should be maintained, at least in the short term. Clearly if you want end-to-end encryption, activate it or switch to something other than Telegram.

For further

WhatsApp protects conversations with end-to-end encryption.  // Source: Melvyn Dadure for Numerama

Source link -100