Hacker News

End to end encryption is not on by default, they even say that in their own FAQ.

https://core.telegram.org/tsi/e2ee-simple




You failed to reply about it not being a Russian company.


So? Encryption is still on by default and end-to-end encryption is a joke anyway when distribution of the app is controlled by the app developer. They can only pinky promise that it's there, but they can compromise it silently on a whim.

End-to-end encryption can be pretty useful, but just not in WhatsApp, Telegram, Signal or any app with that level of control.


"So? Only one company can read your chats by default, and privacy is a joke anyway, you need to believe their promises or read the publicly available codebase yourself."


Please explain: how do you think a promise not to read your messages is different from a promise by the same company to have working end-to-end encryption and not be willing to compromise it, given that the company has complete control over the app and the updates you receive? You can't verify any of it, nor that it will still be like that with the next update.


Sure. Firstly and most importantly Time's Arrow applies. A promise kept in the past is not a promise kept in the future.

If Signal has kept their promise so far then all of the messages I have already sent were EtoE encrypted and they never had any way to see those messages; indeed, if my co-conspirators and I all destroy our devices, the messages simply cease to exist altogether. If tomorrow Signal breaks their promise, that promise was already kept in the past and can't be undone; Signal can't read messages that no longer exist.

If Telegram kept their promise, that's permanently conditional: they still have the data, and only their continuing promise not to look at it keeps it safe. Tomorrow they can break the promise and previous messages are now available, but you can't retrospectively stop having sent the messages in the past.

Secondly, as I wrote here recently on another topic: Only impossible things don't happen, everything else is fair game. In choosing to do EtoE Signal gets to make certain things _impossible_ whereas Telegram just promises not to do them. This means those things might happen by accident, or a bad guy might do them and I'm sure Telegram would be very apologetic (if anybody found out) but it couldn't undo them.

Thirdly: Signal actually publishes the software components that behave the way they say they do. Reproducible builds are tricky (as a general problem in modern software) but Signal does a pretty good job of convincing you that the binaries you can download are just the code you can see, built for your platform. So then either they need to not only break the promise but also hide the broken promise in the code, or they need to break the promise AND hide the build difference. It's just easier to keep the promise.
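The "Time's Arrow" argument in the comment above, as an added illustration that is not part of the thread and not code from Signal or Telegram: a small Python model of the two designs. In the server-side model the operator holds the key, so a promise broken later exposes the whole stored history. In the end-to-end model the server stores only ciphertext, and each message key comes from a hash ratchet on the device and is discarded after use, so even a malicious update that exfiltrates the device's current chain key only exposes messages sent after that point. The cipher (HMAC-SHA256 keystream XOR) and the one-step ratchet are constructed stand-ins for a real AEAD and for Signal's Double Ratchet; every class, function and sample message here is an assumption made for the example.

```python
import hashlib
import hmac
import os

# --- Constructed toy primitives (NOT production crypto) ----------------------
# An HMAC-SHA256 keystream cipher and a hash-chain ratchet, used only to make
# "who holds the key, and when" concrete. Signal's actual protocol (the Double
# Ratchet) is more involved; this is an added simplification, not its code.


def kdf(key: bytes, label: bytes) -> bytes:
    """One-way key derivation: knowing the output reveals nothing about `key`."""
    return hmac.new(key, label, hashlib.sha256).digest()


def toy_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR `data` with a keystream of HMAC(key, nonce || counter) blocks."""
    stream = b""
    for counter in range((len(data) + 31) // 32):  # enough 32-byte blocks
        stream += kdf(key, nonce + counter.to_bytes(4, "big"))
    return bytes(a ^ b for a, b in zip(data, stream))


toy_decrypt = toy_encrypt  # a keystream XOR cipher is symmetric


class ServerSideEncryption:
    """Cloud-chat model: data is encrypted, but with a key the operator holds."""

    def __init__(self):
        self.server_key = os.urandom(32)  # lives on the operator's servers
        self.store = []                   # (nonce, ciphertext) per message

    def send(self, msg: bytes) -> None:
        nonce = os.urandom(16)
        self.store.append((nonce, toy_encrypt(self.server_key, nonce, msg)))

    def operator_reads(self) -> list:
        # The promise not to look is the only barrier; break it and all of
        # history is readable, including messages sent long ago.
        return [toy_decrypt(self.server_key, n, c) for n, c in self.store]


class E2EEWithRatchet:
    """E2EE model: the server relays ciphertext; message keys are derived on the
    device from a hash ratchet and thrown away after use (forward secrecy)."""

    def __init__(self):
        self.chain_key = os.urandom(32)  # exists only on the device
        self.store = []                  # what the operator's relay sees
        self.leaked = None               # (index, chain_key) after a bad update

    def send(self, msg: bytes) -> None:
        message_key = kdf(self.chain_key, b"message")
        self.chain_key = kdf(self.chain_key, b"chain")  # old chain key is gone
        nonce = os.urandom(16)
        self.store.append((nonce, toy_encrypt(message_key, nonce, msg)))
        # message_key now goes out of scope: nothing left can decrypt this one

    def malicious_update(self) -> None:
        """'Tomorrow' in the comment: a pushed update exfiltrates the device's
        current chain key to the operator."""
        self.leaked = (len(self.store), self.chain_key)

    def operator_reads(self) -> list:
        """What the operator can recover from its store: None for messages it
        cannot decrypt, the plaintext for those it can."""
        if self.leaked is None:
            return [None] * len(self.store)
        start, chain = self.leaked
        out = [None] * start  # pre-leak messages: their keys no longer exist
        for nonce, ct in self.store[start:]:
            message_key = kdf(chain, b"message")
            chain = kdf(chain, b"chain")
            out.append(toy_decrypt(message_key, nonce, ct))
        return out


def demo() -> dict:
    """Same conversation under both models, with the promise broken midway."""
    cloud, e2ee = ServerSideEncryption(), E2EEWithRatchet()
    past = [b"meet at noon", b"bring the slides"]  # constructed sample messages
    for m in past:
        cloud.send(m)
        e2ee.send(m)
    e2ee.malicious_update()  # the operator breaks its promise from here on
    later = b"where are you?"
    cloud.send(later)
    e2ee.send(later)
    return {"cloud": cloud.operator_reads(), "e2ee": e2ee.operator_reads()}


if __name__ == "__main__":
    for model, history in demo().items():
        print(model, history)
```

Running it prints the full history for the server-side model and `[None, None, b'where are you?']` for the ratcheted E2EE model: the broken promise is real, but it only reaches forward. The third point in the comment (reproducible builds) is what lets a user notice that the update carrying `malicious_update` does not match the published source.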



