It also would have had much worse usability in the most common case: when government agencies aren't a real risk factor, but you want conversations synced between different apps.
Seriously, disregarding trade-off between security and usability is exactly how we ended up with very secure, 20-digit passwords, containing every possible unicode symbol, updated every Monday, written on post-it notes hanging on the wall.
Wire drains the battery of your phone so hard it's unusable in practice. There has been a bug report about this open since May 2017, with a note that "we're working on it". It hasn't been solved so far.
The last time i tried Wire its UX was about as stable as what a 12 year old would cobble together with old ducktape and string. Constantly exhibiting glitches and bugs and lacking even the most basic UI amenities as well as being a heavyweight browser app.
Does Wire have a light-weight and solid desktop client yet?
Wire is awesome. Keybase is like Wire, but for teams...it's amazing. Encrypted file system for personal, public, and individual teams, chat, git repos...oh boy!
I agree with /u/na85. If you're worried about law enforcement or corporations sniffing keys out of your devices RAM, you have other things to worry about besides "what app should I use for communication"?
If you're seriously worried about communicating without trusting your phone, then you either need to find communication devices you do trust, or else look into verifiable TRNGs [0], dumb serial printers that can be directly attached to RNGs [1], and either manual encryption/decryption algorithms [2] or one-time pads.
I simply want real privacy, not an illusion of one. It's pointless to use any half-baked privacy approach when your device is compromised by design; who knows if the current mainstream becomes dissent in 20 years and people will be hanged because of their old communication logs? Thanks but no thanks.
Please elaborate. I heard this "usability and chat history" stuff many times already, but I never understood it: it honestly sounds just like marketing bullshit. WhatsApp uses e2e and is quite usable as long as I'm concerned. If only group chats with more than 10 people (hell, I'm ok with 3, even 2, if that's necessary) would be non-encrypted by default — I would be fine with that.
WhatsApp requires your phone (and it must be a phone) to be on and connected to WiFi, using battery, to use their desktop "app". This is terrible usability.
WhatsApp doesn't have a native (or near native Qt app as Telegram does) on anything but phones. No tablets, no desktop OS. This is bad usability.
If I sign in to a new device on Telegram (and it can be nearly any device), I can instantly have my entire message history available. This is what they mean by chat history.
I no longer actively use Telegram, but only because no one else I know could be convinced to use it over Messenger. Messenger solves some of these problems but not all.
Ok, fair enough, WhatsApp is trash. But you didn't convince me on the matter of chat history and e2e.
First off, as long as I have any device with chat history online — it is possible for my new device to inherit it as well. It's fine even if I have to confirm manually that session keys are equal or whatever.
Second, note that history can be stored on Telegram servers in encrypted form, I only need to have some secret key that is never sent to Telegram. This way "backing up the history" wouldn't be any different from "sending a message". And being responsible for taking care of my security keys is entirely reasonable.
Third, remember that primary Telegram credential is your phone number — something I abhor, but as long as this is true, I do need to have my phone to log-in on a new device anyway. By the way, I never tried to see if it actually works, but I would rather not being able to access my history after losing my device at all, rather than accepting that anyone who will get in possession of my phone number will be able to read all my chats. "My phone number" is not "me", for fuck's sake. (Yes, I know about 2-step auth, but we are talking about defaults here.)
And, honestly, I guess I would be fine with anything more or less usable, all I really have to know is that "normal people" do use WhatsApp and do find its usability ok. This means they would accept secure chats by default in Telegram as well. How long is it since you lost all your devices that can host Telegram at the same time, anyway? It is rarely the case that anyone's I know devices are all off at the same time, let alone lost.
matrix/riot.im has e2e encryption and chat history stored on home server (which you can host yourself). It also doesn't require phone numbers, plain usernames are possible
WhatsApp requires your phone (and it must be a phone) to be on and connected to WiFi, using battery, to use their desktop "app". This is terrible usability.
I can understand it'd be very annoying when you're affected -- eg having to work in an area with ethernet, but without wifi/3G, or when you need a fallback when the phone is out of battery. For the most part, it's a non-issue for me.
Signal uses the same basic protocol and doesn't require the phone to be online all the time.
Chances are the WhatsApp implementation chose a trade off that minimized confusion for less sophisticated users (within the constraints of maintaining confidentiality). That tends to be a good idea when you've got a billion users.
If I sign in to a new device on Telegram ..., I can instantly have my entire message history available
> That tends to be a good idea when you've got a billion users.
Telegram has a lot of users as well. It's a design choice for sure, but I disagree with it and it doesn't work for me personally. Their lack of support for anything but phones is my primary concern though - I could maybe stomach the requirement for my primary device to be online, but simply not making at least an iPad and preferably a macOS app is a no go for me.
> Including "secret chats"?
No, Telegram secret chats are device to device and can't be backed up or transferred. This is also why I rarely used them.
