Telegram v/s WhatsApp: Why are the two companies fighting
Last week, Will Cathcart, head of WhatsApp, called out Telegram for its encryption policies. Cathcart criticized Telegram saying it was not end-to-end encrypted by default and suggested there were other flaws as well, with reference to an article by Wired. Now, Telegram has rebutted the claims saying the Wired article contains many errors and their editorial team ignored comments and responses from the company.
Why does this story matter?
This is not the first time that WhatsApp has accused other rival apps of their security practices. In October last year, the company released an advertisement that mocked Apple's iMessage service for lacking certain safety features. To recall, the Meta-owned app itself has faced serious allegations about its privacy policies and has been accused of snooping on private messages.
How it all started
Cathcart took to Twitter to criticize Telegram's end-to-end encryption (E2EE) implementation. Quoting the Wired article, Cathcart tweeted, "Telegram has the capacity to share nearly any confidential information a government requests." He said that Telegram's E2EE policies had not been independently verified and there were other loopholes, including that E2EE was not enabled by default and that it was not available for group chats.
Cathcart took to Twitter to criticize Telegram's E2EE policies
Cathcart went as far as saying "don't use telegram"
Cathcart pointed out that Telegram lacked transparency. He also accused the company of its faulty location API that could have disclosed users' locations down to around a radius of 3km. The WhatsApp chief said that were other "great end-to-end messaging apps" and went as far as saying "If you aren't going to use WhatsApp, use one of them - don't use Telegram."
Here's how Telegram responded
Telegram has responded to the allegations made by WhatsApp and said that Cathcart is wrong about the company's protocol not being independently verified. Addressing the claim about location tracking, Telegram clarified that users had to explicitly set visibility to 'public.' Only 0.01% of users have done this, said the company. The company has also highlighted a list of errors in the Wired article.
Telegram uses distributed infrastructure to protect data
Telegram's FAQ page notes that the company uses a distributed infrastructure to protect the data covered by end-to-end encryption. "Cloud chat data is stored in multiple data centers around the globe that are controlled by different legal entities spread across different jurisdictions," says Telegram. It is also mentioned that chats' decryption keys are split into parts and are never kept in the same place.
