If you think everything has to be "published" in the sense of a publication in a scientific paper, hacker news is probably a disappointing place. As for unexamined, the bounty for actually cracking the encryption is still open last I heard, and I know people have been trying.
As someone professionally involved in cyber security, I fully understand and agree with the criticism that the protocol is non-standard and does not follow several best practices. On the other hand, it cannot be ignored that it hasn't been cracked yet, despite Telegram being one of the bigger messaging services in the world (especially one attracting a tech-savvy audience) and receiving a lot of attention.
The very least Telegram-haters could do is acknowledge Whatsapp's equally big problem: we cannot verify a thing. Facebok could have either open sourced the clients or published the outer shell of the wire protocol so we can verify the E2E encryption. They chose to do neither.
As someone professionally involved in cyber security, I fully understand and agree with the criticism that the protocol is non-standard and does not follow several best practices. On the other hand, it cannot be ignored that it hasn't been cracked yet, despite Telegram being one of the bigger messaging services in the world (especially one attracting a tech-savvy audience) and receiving a lot of attention.
The very least Telegram-haters could do is acknowledge Whatsapp's equally big problem: we cannot verify a thing. Facebok could have either open sourced the clients or published the outer shell of the wire protocol so we can verify the E2E encryption. They chose to do neither.