Agreed. I don’t see the appeal compared to Signal. Although, Signal is also sketchy with an operating cost in the tens of millions of dollars per year. Where does the money come from?
I've used and promoted Signal for years and I've recently become suspicious of them and their funding as well after looking into starting my own encrypted communications app.
It's not cheap sending dozens or hundreds of megabytes of video files or whatever ... whenever the user feels like it, mind you ... with a monetization strategy that's literally simply hoping that donations will cover it?
Just like DC5 is often down to the discontent of Chinese users, DC2 is the one serving all Russian and Ukrainian users, so in the more technical Russian-speaking communities "dc2 down" is also a pretty common saying
The DC3 gap is interesting. I wonder whether they deprecated it because the other EU server had plenty of capacity, or still keep it but only for... "special" account data flow.
You may have already read it, but portions of this sprawling (and very very good) essay by Neal Stephenson get into the topic:
Mother Earth Mother Board - https://www.wired.com/1996/12/ffglass/
DC2 is the first connection point of all MTProto clients.
Any DC may refuse a request and force the client to switch DC.
Profile URL doesn't show where messages/chats/channels are stored, as telegram has two dedicated DCs mostly for media. The rest DCs allow media with bandwidth being throttled.
DC in Miami, explains why Telegram app is snappy fast for me. I notice similar speed improvement with Meta and other big tech apps when I'm on the west coast. I guess latency matters when your app is making tons of requests.
Most of big tech's major data centers are in Loudoun County, VA on the east coast not the west coast. It's centrally located to be great latency for the east coast and OK latency for west coast and Europe. Plus a friendly regulatory environment and lots of existing DCs (AWS us-east-1, Azure East US 1/2)
If you're feeling any better latency on the west coast it's more likely to be placebo than real.
Your experienced latency will be heavily influenced by which DC you hit, in which case we care about the relative traffic loads because you aren't just hitting your closest one all the time.
I've never listened about that but also im not a big telegram user... but that completely explains why mine is so slow.... I'm on latam and my account is on singapur..
Good ux, pleasant to use. A large community and lots of channels with all kind of content. Api is also great for spinning a bot for whatever purpose. I have for example a critical error bot for a production server running. If a critical error occurs, I get an immediate telegram message.
They claim that they store user data on different servers in different jurisdictions so it becomes more difficult for authorities to gain access [1]. Maybe that's true and it has something to do with these DCs that seem to be unused.
They do not claim that. They do claim that they store specifically encryption keys in several data centers in different jurisdictions. Here is the exact quote: "All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions". So only keys are distributed.
What does heavily encrypted even mean? Fully encrypted? Slightly encrypted? Encrypted enough to call it “heavily encrypted” but not enough to be protected from whoever is interested?
Heavily means the key is large so it takes longer to crack, but also longer to encrypt/decrypt, so the service is more costly to run and slower. At least I've seen it used that way
In this context "heavily" means "we can't legally claim it's end-to-end encrypted because it's not".
Also it's not even post quantum, so it's not heavy. Telegram's Diffie-Hellman breaks instantly with a quantum computer large enough to run Shor against it.
Also, the keys sit on the servers' RAM, no matter what they lie. There is no global distributed RAM system, especially one that encrypts data in distributed fashion and works at the negligible latencies that Telegram boasts.
>telegram is the safest encrypted messaging app. Period, full stop.
Yes, let's see
* Not end-to-end encrypted by default
* No end-to-end encrypted groups
* No end-to-end encryption on any desktop client by the vendor, forcing cross-platform users to drop secret chats. This includes 81% of working age people who sit on their computer during work day, and 100% of college students and IT workers.
* Lacks ALL metadata protection from server like phone number, IP-address and thus geolocation, contact list, group memberships, quantity and schedule of communication, data types. In fact --
* Secret chats leak additional metadata about intent to hide content from TG as the vendor.
Telegram has nothing to do with Russia, other than having a Russian founder, and the Ukrainian military has literally relied upon it in the past, along with many Ukrainian civic services. You people are just racist towards Russians and need help.
Based on the analysis of packet captures above, I believe it is clear that anyone who has sufficient visibility into Telegram’s traffic would be able to identify and track traffic of specific user devices. Including when perfect forward secrecy protocol feature is in use.
This would also allow, through some additional analysis based on timing and packet sizes, to potentially identify who is communicating with whom using Telegram.
I love how the author of your honeypot blog post has nothing concrete other than potential attack vectors and is like "Well this is obviously a Russian honeypot" with no evidence what so ever other than a claim that there are plain text device identifiers, which is something the FSB would do. [insert clown emoji]. You can do similar attacks on signal and whatsapp.. Why is it that the Russian one bothers you so much?
>You people are just racist towards Russians and need help.
That doesn’t exclude the statements about Telegram to be correct though. That is, if some hater against whatever group say 1+1=2 or water is wet, what’s the conclusion?
>You can do similar attacks on signal and whatsapp.
Well yes. Don’t trust devices, they are not humans, they don’t qualify. They can at most have some degree of reliance for some purpose. But assuming that all devices out there are powned by some external parties is a rather sound security baseline approach.
>Why is it that the Russian one bothers you so much?
One don’t need to bother more on any specific oligarchy really, they all use their fellow humans like disposable pawns.
I'm not going to speak for the author of that article. But I agree with his conclusion. Telegram is indistinguishable from a honeypot.
In the world of infosec, stuff isn't secure until someone proves you wrong (which you reject assuming racism). Stuff is secure when you prove it's secure.
Practically every major secure messaging app vendor has proven they can not be a honeypot, by end-to-end encrypting their communications, offering open source clients with public key fingerprints to verify that end-to-end encryption is working correctly.
Telegram hasn't done that. Telegram's lack of end-to-end encryption, paired with zero effort for metadata protection (not even stuff like sealed sender) shows they don't give a damn about actual security.
But what they do is also what an FSB op would do.
* It would advertise "heavily encrypted" and bash WhatsApp day after day convincing average Janes and Joes about it being really really secure, and confuse readers who take a closer look, with claims of all chats using MTProto but also calling both client-server and end-to-end encryption protocols MTProto.
* It would construct a narrative that the face of the app is a rebel dissident in exile.
* It would be banned temporarily or poorly
* It's role would be obfuscated by releasing an obviously backdoored app like Max, to make Telegram seem safe compared to it. Like Russian intelligence really believed they could use Max to monitor Russian dissidents. FSB isn't dumb. Russian military deception is world famous. https://en.wikipedia.org/wiki/Russian_military_deception
The backdoor sits in the fact nothing is end-to-end encrypted, groups can't be E2EE, but troll army can still defend it, claiming it does have 1:1 E2EE if you want. Yes, it does, if you really want the highest friction UX possible. People try and drop secret chats when they want to be able to alt-tab into the conversation instead of digging into their phones 100 times a day. This backdoor is ingenious because the users can only blame themselves when their 1:1 messages end up to the server.
A good messaging app creator knows this, so they make E2EE default so that users don't encounter such friction. E.g. Signal allows you to have E2EE 1:1 and group chats between all of your devices. That's what proper privacy by design looks like. Would Telegram do that, they would've proven they stand for their users, and I'd actually recommend them.
Data is a toxic asset. Even if Telegram isn't a honeypot, it's a massive data collecting apparatus, that has all that data sit on its servers, from which the hacking team of any major intelligence agency can access it en mass. That's the life of 1B users worldwide. So ultimately, it doesn't even matter if Telegram is a honeypot, it's equally usable to https://en.wikipedia.org/wiki/Fancy_Bear or NSA TAO or whoever.
This isn't about hating on Russians. This is about Durov not passing the minimum bar of what modern secure communication is about.
You've so far claimed telegram is the best with nothing to back that claim, ignored every counter argument, attacked argument of someone other than me, and you're now replaying Russian government shill tactics to try to rally people behind you for emotional reasons, when I'm explicitly giving technical critique.
It's more about the fact that five eyes intelligence services prefer to officially spy on each other's countries so they don't have to answer to their respective bureaucrats. They prefer plausible deniability.
Something like this:
DC1 politically belongs to UK which "spies" on CA/US but physical servers are located in US so US ultimately retains control.
DC2 politically belongs to France which "spies" on RUS/UKR/DE but physical servers are located in NL (e.g. in UK because one wouldn't be able to spot difference in ping). Maybe it's politically owned by UK/NZ or UK/AUS because France can't be publicly caught spying on Germany. But France wouldn't risk public arrest of Telegram CEO and the spectacle with russia if there is nothing to gain.
DC4 politically belongs to USA which "spies" on UK/Israel but physical servers are in NL/UK
DC5 politically belongs to UK/USA which "spies" on AUS/China/India but physical servers are in Singapore (e.g. former UK colony)
I love mentioning the UK in these kind of discussions because the pushback is biggest every time the Crown is mentioned, and ultimately US/CA/NZ/AUS are all colonies under the King.
Really cool to see realpolitik mapped out like this. It also highlights the problem of metadata with these kind of topics.
The reason it's in Singapore is that Telegram can't operate in China, and Singapore-washing is the closest thing to doing it. A ton of VPNs and other services targeting mainland users but not allowed in the mainland are hosted there, it's a huge hub for companies and networks.
It makes sense: European users are assigned to EU data center, and Chinese to the one closer to them. The "custom code" should not be complicated, just a map of country to DC.
You are suggesting to develop a compicated solution (spend money) when current simple one is working ok without any elections.
If you've ever actually tried to implement server clustering you quickly find there's no magic cloud, except in specific cases like blockchains. A privately operated cluster system is mostly about directing requests to the correct server out of a finite set of servers.
Beautiful analysis. It really looks like the country distribution [1] follows the geographical split between five eyes intelligence services, and maybe a small slice for France after they imprisoned the Telegram CEO [2] in order to take over data ownership from russia.
idk, they probably tried to get people on DC's as close to their location as possible. Using your phone number's country code might seem like a good way to do this at first, and they probably didn't give it much more thought before building the whole thing on this idea.
The Lex Fridman podcast episode with Pavel Durov is worth listening to. Their servers are built to be very secure — of course, it would be different for others, and they use some clever tricks
Good story, I yet believe the guy is trying to do the right thing. In the lex Friedman podcast he talks about banning extremist channels in both sides always, the story focus more on the Nalvani's block, but accordingly him he also bans other sides depending on the content.
I do follow a number of Telegram channels about the Ukraine war, and the pro Ukraine channels are there together with pro Russian channels.
Of course he would say that. Even besides the fallaciousness of this argument (there is no equivalence between an aggressor and a victim), Pavel Durov is completely untrustworthy.
There is product stuff, like misleading claims about Telegram's encryption and comparisons to Signal. In reality, for the vast majority of chats they have plaintext, unlike Signal.
There are more subtle positioning claims. Durov made a huge deal of his "exile", but I saw Telegram's office in St Petersburg with my own two eyes a year after Durov "fled the country". It definitely wasn't shut. There were even local news of Pavel assaulting a guy in St Petersburg for trying to make a photo of him a couple years later.
And then there are just completely unnecessary lifestyle claims. He said multiple times how he doesn't take any "pills" or medications. It only takes a minute to find his old photos. Male pattern baldness doesn't stop progressing without DHT suppression, and last time I checked, finasteride comes in pills. I don't understand why would he make misleading statements about something so visible, but it doesn't make him any more trustworthy.
The more I learn about telegram, the sketchier it seems.
Agreed. I don’t see the appeal compared to Signal. Although, Signal is also sketchy with an operating cost in the tens of millions of dollars per year. Where does the money come from?
Apparently it's funded by your friendly neighbor.
I've used and promoted Signal for years and I've recently become suspicious of them and their funding as well after looking into starting my own encrypted communications app.
It's not cheap sending dozens or hundreds of megabytes of video files or whatever ... whenever the user feels like it, mind you ... with a monetization strategy that's literally simply hoping that donations will cover it?
That's insane.
- Telegram has exemplary fast, native clients on most platforms I’ve used it on
- Cat stickers
- Did I mention it has the best native clients out of all the messaging apps? It boggles the mind why other companies can’t get this done.
I’ve never used the telegram app. What do you like about it compared to signal / WhatsApp?
[delayed]
Signal and WhatsApp are bloated and slow in comparison.
What is slow?
I don't understand what there is to accelerate.
Just like DC5 is often down to the discontent of Chinese users, DC2 is the one serving all Russian and Ukrainian users, so in the more technical Russian-speaking communities "dc2 down" is also a pretty common saying
The article is from May 2022, just fyi.
I think it was reposted today because https://core.telegram.org/bots/serverless was just announced, which prompted some curiosity on HN about Telegram's architecture (https://news.ycombinator.com/item?id=48918534). But yes, the title should be updated to indicate this.
The DC3 gap is interesting. I wonder whether they deprecated it because the other EU server had plenty of capacity, or still keep it but only for... "special" account data flow.
Also, it looks like it's easy enough to ID your DC on their API, though I haven't tried it yet (more of a Matrix Stan personally): https://core.telegram.org/method/help.getConfig
For a hot second there I was really excited to learn about historical telegram "data centers".
It's a capital T.
You may have already read it, but portions of this sprawling (and very very good) essay by Neal Stephenson get into the topic: Mother Earth Mother Board - https://www.wired.com/1996/12/ffglass/
DC2 is the first connection point of all MTProto clients.
Any DC may refuse a request and force the client to switch DC.
Profile URL doesn't show where messages/chats/channels are stored, as telegram has two dedicated DCs mostly for media. The rest DCs allow media with bandwidth being throttled.
DC in Miami, explains why Telegram app is snappy fast for me. I notice similar speed improvement with Meta and other big tech apps when I'm on the west coast. I guess latency matters when your app is making tons of requests.
Most of big tech's major data centers are in Loudoun County, VA on the east coast not the west coast. It's centrally located to be great latency for the east coast and OK latency for west coast and Europe. Plus a friendly regulatory environment and lots of existing DCs (AWS us-east-1, Azure East US 1/2)
If you're feeling any better latency on the west coast it's more likely to be placebo than real.
On the contrary, Big tech famously has plenty of data centers on the west coast:
• Quincy, WA (Microsoft)
• The Dalles, Oregon (Google)
• Prineville, Oregon (Facebook, Apple)
• Hillsboro, Oregon (Cloudflare, others)
• Boardman, Oregon (AWS)
By traffic load east coast datacenters dwarfs these.
The parent comment wasn't regarding traffic loads; it was regarding latency.
Your experienced latency will be heavily influenced by which DC you hit, in which case we care about the relative traffic loads because you aren't just hitting your closest one all the time.
I've never listened about that but also im not a big telegram user... but that completely explains why mine is so slow.... I'm on latam and my account is on singapur..
Are people still using Telegram? What is the upside compared to Signal?
Good ux, pleasant to use. A large community and lots of channels with all kind of content. Api is also great for spinning a bot for whatever purpose. I have for example a critical error bot for a production server running. If a critical error occurs, I get an immediate telegram message.
They claim that they store user data on different servers in different jurisdictions so it becomes more difficult for authorities to gain access [1]. Maybe that's true and it has something to do with these DCs that seem to be unused.
[1] - https://telegram.org/privacy
They do not claim that. They do claim that they store specifically encryption keys in several data centers in different jurisdictions. Here is the exact quote: "All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions". So only keys are distributed.
What does heavily encrypted even mean? Fully encrypted? Slightly encrypted? Encrypted enough to call it “heavily encrypted” but not enough to be protected from whoever is interested?
Heavily means the key is large so it takes longer to crack, but also longer to encrypt/decrypt, so the service is more costly to run and slower. At least I've seen it used that way
There's nothing slow about AES.
In this context "heavily" means "we can't legally claim it's end-to-end encrypted because it's not".
Also it's not even post quantum, so it's not heavy. Telegram's Diffie-Hellman breaks instantly with a quantum computer large enough to run Shor against it.
Also, the keys sit on the servers' RAM, no matter what they lie. There is no global distributed RAM system, especially one that encrypts data in distributed fashion and works at the negligible latencies that Telegram boasts.
telegram is the safest encrypted messaging app. Period, full stop.
>telegram is the safest encrypted messaging app. Period, full stop.
Yes, let's see
* Not end-to-end encrypted by default
* No end-to-end encrypted groups
* No end-to-end encryption on any desktop client by the vendor, forcing cross-platform users to drop secret chats. This includes 81% of working age people who sit on their computer during work day, and 100% of college students and IT workers.
* No post-quantum key exchange
* No future secrecy
* No per-message forward secrecy
* Bullshit claims about distributed keys https://security.stackexchange.com/questions/238562/how-does...
* Lacks ALL metadata protection from server like phone number, IP-address and thus geolocation, contact list, group memberships, quantity and schedule of communication, data types. In fact --
* Secret chats leak additional metadata about intent to hide content from TG as the vendor.
Also,
History of poor encryption implementation
* 2013: A cracking contest https://news.ycombinator.com/item?id=6932648
* 2013: Telegram, AKA "Stand back, we have Math PhDs!" http://unhandledexpression.com:8081/crypto/general/security/...
* 2015: IND-CCA issues https://eprint.iacr.org/2015/1177.pdf,
* 2015 64-bit complexity MITM attack https://web.archive.org/web/20160425091011/http://www.alexra...
* 2021 Valsorda "The Most Backdoor-Looking Bug I've Ever Seen" https://words.filippo.io/telegram-ecdh/,
* 2021 https://mtpsym.github.io/ and https://mtpsym.github.io/paper.pdf
Some analysis:
* 2025 Matthew Green analysis https://blog.cryptographyengineering.com/2024/08/25/telegram...
* 2025 "Telegram is indistinguishable from an FSB honeypot" https://rys.io/en/179.html
Also,
They employ volunteering sockpuppets https://tsf.telegram.org/
Durov who supposedly lives in exile has visited Russia over 50 times https://eutoday.net/pavel-durovs-secret-visits-to-russia/
I can't scream "drop & run" loud enough.
Telegram has nothing to do with Russia, other than having a Russian founder, and the Ukrainian military has literally relied upon it in the past, along with many Ukrainian civic services. You people are just racist towards Russians and need help.
Based on the analysis of packet captures above, I believe it is clear that anyone who has sufficient visibility into Telegram’s traffic would be able to identify and track traffic of specific user devices. Including when perfect forward secrecy protocol feature is in use.
This would also allow, through some additional analysis based on timing and packet sizes, to potentially identify who is communicating with whom using Telegram.
I love how the author of your honeypot blog post has nothing concrete other than potential attack vectors and is like "Well this is obviously a Russian honeypot" with no evidence what so ever other than a claim that there are plain text device identifiers, which is something the FSB would do. [insert clown emoji]. You can do similar attacks on signal and whatsapp.. Why is it that the Russian one bothers you so much?
>You people are just racist towards Russians and need help.
That doesn’t exclude the statements about Telegram to be correct though. That is, if some hater against whatever group say 1+1=2 or water is wet, what’s the conclusion?
>You can do similar attacks on signal and whatsapp.
Well yes. Don’t trust devices, they are not humans, they don’t qualify. They can at most have some degree of reliance for some purpose. But assuming that all devices out there are powned by some external parties is a rather sound security baseline approach.
>Why is it that the Russian one bothers you so much?
One don’t need to bother more on any specific oligarchy really, they all use their fellow humans like disposable pawns.
>Ukrainian military has literally relied upon it in the past
Well they realized their mistake and banned Telegram's use on state issued devices in 2024 https://www.bbc.com/news/articles/c78dwepw95do
I'm not going to speak for the author of that article. But I agree with his conclusion. Telegram is indistinguishable from a honeypot.
In the world of infosec, stuff isn't secure until someone proves you wrong (which you reject assuming racism). Stuff is secure when you prove it's secure.
Practically every major secure messaging app vendor has proven they can not be a honeypot, by end-to-end encrypting their communications, offering open source clients with public key fingerprints to verify that end-to-end encryption is working correctly.
Telegram hasn't done that. Telegram's lack of end-to-end encryption, paired with zero effort for metadata protection (not even stuff like sealed sender) shows they don't give a damn about actual security.
But what they do is also what an FSB op would do.
* It would advertise "heavily encrypted" and bash WhatsApp day after day convincing average Janes and Joes about it being really really secure, and confuse readers who take a closer look, with claims of all chats using MTProto but also calling both client-server and end-to-end encryption protocols MTProto.
* It would construct a narrative that the face of the app is a rebel dissident in exile.
* It would be banned temporarily or poorly
* It's role would be obfuscated by releasing an obviously backdoored app like Max, to make Telegram seem safe compared to it. Like Russian intelligence really believed they could use Max to monitor Russian dissidents. FSB isn't dumb. Russian military deception is world famous. https://en.wikipedia.org/wiki/Russian_military_deception
The backdoor sits in the fact nothing is end-to-end encrypted, groups can't be E2EE, but troll army can still defend it, claiming it does have 1:1 E2EE if you want. Yes, it does, if you really want the highest friction UX possible. People try and drop secret chats when they want to be able to alt-tab into the conversation instead of digging into their phones 100 times a day. This backdoor is ingenious because the users can only blame themselves when their 1:1 messages end up to the server.
A good messaging app creator knows this, so they make E2EE default so that users don't encounter such friction. E.g. Signal allows you to have E2EE 1:1 and group chats between all of your devices. That's what proper privacy by design looks like. Would Telegram do that, they would've proven they stand for their users, and I'd actually recommend them.
Data is a toxic asset. Even if Telegram isn't a honeypot, it's a massive data collecting apparatus, that has all that data sit on its servers, from which the hacking team of any major intelligence agency can access it en mass. That's the life of 1B users worldwide. So ultimately, it doesn't even matter if Telegram is a honeypot, it's equally usable to https://en.wikipedia.org/wiki/Fancy_Bear or NSA TAO or whoever.
Also, https://dfrlab.org/2018/02/15/putinatwar-how-russia-weaponiz... shows Russian troll army is using russophobia as a narrative online.
This isn't about hating on Russians. This is about Durov not passing the minimum bar of what modern secure communication is about.
You've so far claimed telegram is the best with nothing to back that claim, ignored every counter argument, attacked argument of someone other than me, and you're now replaying Russian government shill tactics to try to rally people behind you for emotional reasons, when I'm explicitly giving technical critique.
It's more about the fact that five eyes intelligence services prefer to officially spy on each other's countries so they don't have to answer to their respective bureaucrats. They prefer plausible deniability.
Something like this:
I love mentioning the UK in these kind of discussions because the pushback is biggest every time the Crown is mentioned, and ultimately US/CA/NZ/AUS are all colonies under the King.Really cool to see realpolitik mapped out like this. It also highlights the problem of metadata with these kind of topics.
The reason it's in Singapore is that Telegram can't operate in China, and Singapore-washing is the closest thing to doing it. A ton of VPNs and other services targeting mainland users but not allowed in the mainland are hosted there, it's a huge hub for companies and networks.
This strikes me as a huge amount of custom code and technical debt. Every new software dev probably has to learn this.
Why not a sticky master election per user, and have no special data centers?
It makes sense: European users are assigned to EU data center, and Chinese to the one closer to them. The "custom code" should not be complicated, just a map of country to DC.
You are suggesting to develop a compicated solution (spend money) when current simple one is working ok without any elections.
If you've ever actually tried to implement server clustering you quickly find there's no magic cloud, except in specific cases like blockchains. A privately operated cluster system is mostly about directing requests to the correct server out of a finite set of servers.
From what I have read, they only have ~30 employees. They're not exactly onboarding a lot of new people here.
Learn what? How to count to 5?
Beautiful analysis. It really looks like the country distribution [1] follows the geographical split between five eyes intelligence services, and maybe a small slice for France after they imprisoned the Telegram CEO [2] in order to take over data ownership from russia.
[1] https://dev.moe/wp-content/uploads/2022/05/image-14.png
[2] https://en.wikipedia.org/wiki/Arrest_and_indictment_of_Pavel...
i'm far from an authority on content delivery or whatever, but the first thing I thought of was what a bizarre way to setup your infrastructure!
idk, they probably tried to get people on DC's as close to their location as possible. Using your phone number's country code might seem like a good way to do this at first, and they probably didn't give it much more thought before building the whole thing on this idea.
I'm on DC5 since I lived in Korea when signing up, but I cannot say I've noticed many outages.
https://archive.is/VHlJH
something smells suspicious about this kind of data routing
The Lex Fridman podcast episode with Pavel Durov is worth listening to. Their servers are built to be very secure — of course, it would be different for others, and they use some clever tricks
That has "military grade encryption" vibes.
More mysteries of Telegram Data Centres: https://istories.media/en/stories/2025/06/10/telegram-fsb/
(and a follow-up: https://istories.media/en/news/2025/06/10/telegram-responds-... )
Good story, I yet believe the guy is trying to do the right thing. In the lex Friedman podcast he talks about banning extremist channels in both sides always, the story focus more on the Nalvani's block, but accordingly him he also bans other sides depending on the content. I do follow a number of Telegram channels about the Ukraine war, and the pro Ukraine channels are there together with pro Russian channels.
Of course he would say that. Even besides the fallaciousness of this argument (there is no equivalence between an aggressor and a victim), Pavel Durov is completely untrustworthy.
There is product stuff, like misleading claims about Telegram's encryption and comparisons to Signal. In reality, for the vast majority of chats they have plaintext, unlike Signal.
There are more subtle positioning claims. Durov made a huge deal of his "exile", but I saw Telegram's office in St Petersburg with my own two eyes a year after Durov "fled the country". It definitely wasn't shut. There were even local news of Pavel assaulting a guy in St Petersburg for trying to make a photo of him a couple years later.
And then there are just completely unnecessary lifestyle claims. He said multiple times how he doesn't take any "pills" or medications. It only takes a minute to find his old photos. Male pattern baldness doesn't stop progressing without DHT suppression, and last time I checked, finasteride comes in pills. I don't understand why would he make misleading statements about something so visible, but it doesn't make him any more trustworthy.
It's a great an telling investigation. Dropped in to share it as well. Telegram deserves no trust from us.