Signal never shares message content with the server.
Telegram does so by default, you have to opt in to keep messages private from the server.
You also see a lot of people criticizing the design of the secure Telegram protocol and praising the Signal protocol. There were some stories about governments actively compromising Telegram's security. There haven't been any about Signal.
So if you are worried about privacy more than UI and rich functionality, the choice seems clear enough.
Yes I'm seeing a lot of people criticizing Telegram on Twitter and in media. But after doing some research I couldn't find any proof of their claims that Telegram have a broken crypto.
You can use secret chats, those messages are not stored on the company server.
I also can't find any proof that the e2e crypto is broken, but crypto nerds sure love to shit on it. I'd love a source indicating otherwise.
The unencrypted messages are certainly not secure, and it's disingenuous of Telegram to market itself as a secure system without being really clear about the limitations.
That's not the e2e encryption protocol that they hacked, but the SMS-based authentication and unencrypted chats that are stored on the server in the plain. The state has control of SMS, so it can impersonate you. This would seem to be a potential problem for any service that's backing itself into SMS, but here the attack would not be possible as messages aren't shared across devices on e.g. Signal and WhatsApp.
That only happens for non-private chats only if you skipped 2-step verification setup [1]. I'm not telegram's relative, but security is a thing where you have to be educated. You cannot just install 'everyone's most secure' messenger and be productive.
For messenger to gain a MASS of users it has to be 'enter sms-code and go chat'.
For messenger to be SECURE it has to be 'install password manager, set passcode, use 2-factor, use e2e, use self-destruct, always compare keys'. No one will enjoy that. But if you need, you just have it in your regular sexy messenger, not in another ugly alien app that no one knows about, no one has installed, no one's ready to go through all of it.
Telegram does so by default, you have to opt in to keep messages private from the server.
You also see a lot of people criticizing the design of the secure Telegram protocol and praising the Signal protocol. There were some stories about governments actively compromising Telegram's security. There haven't been any about Signal.
So if you are worried about privacy more than UI and rich functionality, the choice seems clear enough.