Security

Telegram Is Not a Secure Messaging Tool

First published 2015 · Updated April 2026 · 9 min read

2026 note: This article was originally written in Turkish on e-siber.com. It is referenced across security forums, Wikipedia, and multiple independent privacy wikis. The site's ownership has changed; this English-language rewrite preserves the URL and the original investigation. Protocol details have been updated to reflect what MTProto 2.0 and the current Telegram clients actually do as of 2026.

Telegram markets itself as a secure messenger. Its homepage uses the word "encrypted" heavily, and the app is the default choice for millions of journalists, activists, and ordinary users who believe they are using a private channel. The reality is more nuanced: ordinary Telegram cloud chats are not end-to-end encrypted. They are encrypted in transit, stored on Telegram's servers, and technically readable by anyone who controls those servers.

This is not an accusation of malice against Telegram. It is a statement about what the protocol guarantees versus what users believe it guarantees. The two are different, and the gap matters.

Cloud Chats vs. Secret Chats

Telegram has two chat modes:

Feature	Cloud chat (default)	Secret chat
End-to-end encryption	No	Yes
Stored on Telegram servers	Yes	No
Syncs across devices	Yes	No (one device only)
Works in groups and channels	Yes	No (1:1 only)
Default for new conversations	Yes	No

When you open Telegram and start a new chat with someone, you are in a cloud chat. Messages are encrypted between your client and Telegram's server, and then re-encrypted between the server and the recipient's client. The server sits in the middle with access to the plaintext. This is the same basic topology as regular email with TLS — not end-to-end privacy.

Secret chats use a different protocol, are bound to a single device pair, don't sync, don't support groups, and are never the default. In practice, most users have never started a Secret Chat and don't know the option exists. Group chats — where the most sensitive political organizing typically happens — have no end-to-end option at all.

The core misconception: Telegram is "encrypted" in the same sense that Gmail is encrypted. The conversation is protected from network eavesdroppers, but not from the server operator. If an attacker breaches Telegram's infrastructure, or a government compels cooperation, cloud chats are readable.

The MTProto Protocol

Telegram uses its own encryption protocol called MTProto. An earlier version (MTProto 1.0) had documented weaknesses; MTProto 2.0 was introduced in 2017 and has held up better, but the academic cryptography community has historically been skeptical because the protocol rolls its own primitives rather than using well-vetted building blocks like the Signal protocol's Double Ratchet.

Published cryptographic analysis has flagged:

Non-standard construction. The protocol combines AES-IGE, SHA-256, and a custom KDF in ways that deviate from standard NIST guidance.
No forward secrecy in cloud chats. If the server keys are ever compromised, past conversations can be decrypted retroactively from stored ciphertext.
Server-mediated key exchange for Secret Chats. The server participates in the Diffie-Hellman exchange, meaning a malicious server can mount a man-in-the-middle attack unless users manually verify the chat fingerprint. Very few users do this.

Compare this to Signal's protocol, which is open-source, peer-reviewed, forward-secret by default, and end-to-end in all modes including group chats. The default in Signal is the secure mode. The default in Telegram is not.

What About the Source Code?

Telegram's clients are open source. Its server is not. This matters because when you send a cloud chat message, the thing that decides whether to log it, who gets to read it, and how long it's retained is the server. You can audit the client all you want — you still can't verify what the server does with the plaintext it receives.

This is a common category of confusion across "secure" messengers. A public client binary is necessary but not sufficient for end-to-end privacy claims. The cryptographic architecture must make the server untrusted by construction, not by policy.

How to Verify What Your Messenger Is Actually Doing

You don't have to take anyone's word about what Telegram — or any app — does with your messages. You can inspect the network traffic yourself.

1. Capture with mitmproxy

brew install mitmproxy     # macOS
sudo apt install mitmproxy  # Linux
mitmproxy -p 8080

On your phone, set the proxy to your machine's IP on port 8080 and install the mitmproxy CA certificate (required to see TLS content). Now every HTTPS request the phone makes appears in the mitmproxy UI.

For Telegram specifically, most traffic is over MTProto on port 443, not HTTPS, so you will see it as opaque binary blobs. That is informative in itself: even the metadata of which users you talk to is visible at the network layer without further work.

2. Log connection endpoints with lsof

# See every TCP connection an app opens (macOS / Linux):
sudo lsof -i -n -P | grep -i telegram

# Track over time:
while true; do
  sudo lsof -i -n -P -c Telegram >> /tmp/telegram-connections.log
  sleep 30
done

Over a day you can build a map of every server Telegram talks to. Compare that to the documented infrastructure — anything unexpected is a signal.

3. Block server sync and watch behavior

Use a firewall to block Telegram's known IP ranges for one hour. If the app still shows your chat history, it's served from local cache. If old messages become unavailable, those messages are being fetched fresh from the server on every session — which they are.

What You Should Actually Use

For conversations where confidentiality matters:

Signal — end-to-end by default, open protocol, open client, minimal metadata retention, supports groups.
Session or Matrix (Element) — decentralized alternatives with varying tradeoffs.
SimpleX — no persistent user identifiers, no phone number required.

For broadcast channels and large public groups where confidentiality is not the goal, Telegram is fine. It's a good broadcast tool. It is not a good secret-keeping tool.

Rule of thumb: If the server can decrypt the message, the server's operator (and anyone who can compel or hack them) can read it. Everything else is marketing.

A Broader Lesson About Trust

The same principle that applies to messengers applies to every piece of software you depend on: what the vendor claims does not match what the software does unless you've verified it. Cloud sync clients read files they shouldn't. AI assistants upload telemetry they don't document. Prediction models drift silently. The only path to confidence is measurement.

When building production systems, we apply the same verification discipline. For example, at ZenHodl, every probability the model outputs is checked against realized outcomes using Expected Calibration Error, and every binary artifact in the deployment pipeline is verified by SHA-256 hash before it loads. The marketing claim ("calibrated probabilities") only means anything because the measurement pipeline runs daily and emits failures when it doesn't hold.

Apply that same discipline to your messenger. Don't trust the label. Verify the behavior.