Can you, please, elaborate? Wasn't it their main feature and the selling point?

Telegram's E2EE isn't available for group chats. It's not on by default for other chats, so most or all of your chats are probably just transport encrypted. Further, they rolled their own crypto (bad), MTProto2, which has a number of problems (but is not necessarily broken)

This places Telegram's security stance below that of even Instagram or Facebook (which also has optional E2EE chats, but uses the Signal protocol, which is considered better than MTProto2.)

Telegram e2ee FAQ covers the nuances https://tsf.telegram.org/manuals/e2ee-simple

Let's get a professional cryptographer without vested interest in the matter to give that assessment

https://blog.cryptographyengineering.com/2024/08/25/telegram...

E2EE is optional. Telegram does have it, but you don't need to use it.

Telegram also only supports E2EE in one-to-one chats, so any bad guys operating out of group chats / channels are definitely doing so in the clear.

What are the downsides to telegram providing default E2EE? Seems like a no brainer to have it as a default feature for the product.

I think they don't support cross-device syncing or automatic backups of E2EE chats, so it's about minimising friction by default. Telegrams main focus is UX, unlike Signal which prioritizes security at the expense of UX.

There's nothing in Telegram that couldn't be implemented with security in mind. They just lack the expertise in designing cryptographic protocols that offer those features, and Durov is too proud to consult experts in helping improve the design. Well, now he gets to enjoy French hospitality.

Their focus is on UX more than security. The app is super snappy and supports group chats with hundreds of thousands of participants.

It doesn't. Groups chats lack E2EE and all desktop chats, including 1:1 lack E2EE.

E2EE is optional on Telegram and not really convenient. You can create a private chat which will be E2E encrypted but this takes a few taps and pins to device. Most of the users don't bother. And the main target is not personal chats but channels which can be easily discovered and followed.

This is not an e2e battle, this is the hunt for channel owners. Frankly it is too easy to make a "local chat" and sell stuff. Durov has the data and this is his weakness and strength. Platform is viral but there are too much for one hands.

> French authorities believe that Telegram, under Durov’s leadership, became a major platform for organised crime due to its encrypted messaging services, which allegedly facilitated illegal activities

Sounds like it was because of E2EE.

Encrypted doesn't necessarily mean e2ee.

It doesn't do E2EE by default, you need to select it when messaging someone.

Nope. It's because of the large telegram group chats for the most part and those aren't E2EE. The only chats that can be E2EE on telegram are one to one DMs and that's only if you manually enable it.

i.e. They refused to turn over chat records that they have server side access to.

It's worth noting that they could do E2EE here for group chats but they don't. Signal does it but telegram wholesale refused to.