The Security Service of Ukraine said in a tweet that it was able to effectively target Russian convoys near Kyiv because of messages sent to an official Telegram bot account called "STOP Russian War." Messages are not fully encrypted by default. That means the company could, in theory, access the content of the messages, or be forced to hand over the data at the request of a government. Right now the digital security needs of Russians and Ukrainians are very different, and they lead to very different caveats about how to mitigate the risks associated with using Telegram. For Ukrainians in Ukraine, whose physical safety is at risk because they are in a war zone, digital security is probably not their highest priority. They may value access to news and communication with their loved ones over making sure that all of their communications are encrypted in such a manner that they are indecipherable to Telegram, its employees, or governments with court orders. You may recall that, back when Facebook started changing WhatsApp’s terms of service, a number of news outlets reported on, and even recommended, switching to Telegram. Pavel Durov even said that users should delete WhatsApp “unless you are cool with all of your photos and messages becoming public one day.” But Telegram can’t be described as a more-secure version of WhatsApp. Individual messages can be fully encrypted. But the user has to turn on that function. It's not automatic, as it is on Signal and WhatsApp.
from tr