Many in the crypto and privacy community mistakenly trust Telegram because it’s “end to end encrypted”, but there are huge issues including not hiding the metadata, censorship, centralization, and phone numbers.
Send this video to your friend that asks why you won’t join:
https://video.simplifiedprivacy.com/why-telegram-sucks/
You use Signal.
Yeah, end to end encryption in a closed source app can’t be proven outside of the company and the company can’t be held accountable by the public even if it gets a third party audit at some point because it can always just change the source.
Open source, client side, end to end encryption is the only serious standard.
open source can also change over time. The only time you can trust it is when it does have an independent third party audit and even then they have very specific language saying what they found and in what version.
This is true, but those changes are visible. It’s much harder to get away with back dooring something that’s open source. At the very least, you need to be clever about it so as to not draw suspicion to your changes. I’m reminded of this story: https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-of-minnesota-banned-open-source