"Regular and group chats are not protected by end-to-end encryption, which means Telegram sees your correspondence and saves them on servers. If you use this messenger, create "secret chats," enable the automatic deletion of correspondence, and prohibit taking the screenshots. But remember that even these restrictions can be bypassed with a second phone with a camera," Yury Melashchenko explains.
"These are the basic parameters. In addition to them, the ability to deploy on their own server, resistance to “man-in-the-middle attack” and resistance to data obtained with Cellebrite UFED, Elcomsoft, and Oxygen Software are significant.
Such systems allow reading device data, including deleted files and correspondence. Just turn on-air mode and open a messenger: everything you can see there can be taken out," the CEO of Security Services Group comments.
“Signal is considered the most secure messenger. But it also has weaknesses: you need to register by phone number and trust the server owner, who owns the encryption keys. We tried several times to deploy our own server, but the attempts were unsuccessful.
The messenger protects users better than Telegram: if a hacker intercepts the SMS, he will not get access to the correspondence history - it is not on the Signal servers. But it is stored on the device, so you should set a pin code to enter the application. And this will help protect data in case of guessing a password to a phone or computer," Yuri Melashchenko notes.
"The virtual keyboard is an additional means of counteracting UFED devices. Built-in keyboards remember every word you have ever entered on your device. With access to your phone, it can get this vocabulary even if you wrote messages in a messenger with end-to-end encryption," the CEO of Security Services Group says.