Telegram founder Pavel Durov put the encrypted messaging application Signal on blast this month, arguing in a May 8 post that its privacy mechanisms amounted to a “circus trick.” His commentary was purpose-built to undermine the rival messaging app, but Durov’s history with Signal and Telegram's own privacy credentials make it hard to take his comments seriously.

Durov has been throwing stones at Signal for years. In 2017, he predicted we'd find a backdoor in their protocol within five years. Seven years later, that prediction has missed the mark. A few years later, Signal founder Moxie Marlinspike posted a thread suggesting we should stop calling Telegram an encrypted messaging app.

Signal and Telegram do not like each other.

In the context of historical beef between the two products, this latest post looks more like an opportunistic potshot at a market competitor than a legitimate PSA about backdoored software.

Malice in the messaging apps

Signal was already under heavy scrutiny after comments made by Signal Foundation Chair Katherine Maher, who said Wikipedia's "free and open" nature promoted a "white male Westernized construct." It was a story that received a lot of traction on social media, and drew comments from Jack Dorsey, Vitalik Buterin, and Elon Musk on X.

As people picked up their pitchforks over Maher's politics, it was all too easy for Durov to redirect the angry mob toward Signal itself.

Signal got to work dispelling the claims about their app and protocol, with President Meredith Whittaker providing important context in the replies to throw some ice on the story.

For now, things have settled down. However, this beef isn't over — if anything, it's just getting started. This row has the potential to become cybersecurity's version of Kendrick v. Drake.

The anti-Signal movement

It was easy to whip people into a frenzy about Signal. There's an anti-Signal undercurrent emerging in certain circles — a surprising sensitivity for one of the most respected messaging apps in the world.

Perhaps it started when ex-Fox News anchor Tucker Carlson appeared on Lex Fridman's Podcast earlier this year. Speaking about messaging security, Carlson said, "we all have theories about secure communications channels. Like Signal is secure, Telegraph [sic] isn't, or WhatsApp, [which] is owned by Mark Zuckerberg — you can't trust it."

In the same conversation, Carlson claimed the NSA managed to obtain and Signal messages related to his efforts to interview Russian President Vladimir Putin and subsequently leak them to the media. This may have planted the original seed of doubt, and it certainly feels like the precursor to the latest controversy.

Connecting some dots, Carlson sat down for an interview with Pavel Durov back in April. One month later, Durov's post to Du Rove's Channel said key figures had revealed to him that their "private" Signal messages had been exploited."

In case you aren't a natural Sherlock, Carlson is one of the "important people" Durov is talking about. Building from these claims, Durov says Telegram provides "the only popular method of communication that is verifiably private."

Telegram has always tried to hang with the encrypted messaging crowd, but Telegram is not a suitable Signal alternative. Telegram doesn't have end-to-end encryption by default and it doesn't have end-to-end encrypted group chats at all. Having opt-in privacy features — especially necessities like end-to-end encryption — means the vast majority of users will be left without protection.

But none of this will stop Durov from amplifying people's doubts about Signal to give Telegram a leg-up. Further conflict is likely. (Wouldn't it be nice if we could all just get along?)

As for this round of the bout, it's notable that Signal hasn't backed up Maher's comments. Their line is that Maher's politics don't really matter — you don't need to trust the people running Signal, you just need to trust the code.

It's a good line to take. With highly audited, open source code, Signal has a relatively trustless model. Maher's politics have no bearing on a PQXDH key exchange. But a decentralized model could be more trustless — and it already exists.

The anti-Signal movement 

I work on an end-to-end encrypted messaging app called Session. It runs on a decentralized network operated by ordinary community members who contribute compute resources to route and store messages.

Not only is the client and server code open source, you can verify the open source code is what's actually running on the network — you can join and run it yourself. Session does what it says on the box, no trust required whatsoever.

However, this is not a cure-all. The quirks of a decentralized network make it difficult to pull off the complex key ratcheting involved in the Signal Protocol. This ratcheting provides unique cryptographic properties, but keeping key-states updated doesn't mix with a decentralized network of community nodes which can enter and leave the network at will.

If you remove encryption entirely, you can have an awesome UX like Telegram's, where messages appear instantly as though they're rabbits out hats.

There's always a trade off. Nobody has it all — and if they say they do, they've probably got something to sell you.