Chats are encrypted. The question who can decrypt them by default.
It is a trade-off between security and usability. By default, you get usability (e.g., you can chat across devices easily). But you think it is worth the cost, you can make encryption keys unavailable without corresponding devices (create secret chat).
My guess, most telegram users prefer usability or don't care/ignorant. It would be a mistake to make the experience worse (that people would notice ignorant or not).
It is false that chats are "unencrypted" (I know, it is repeated on every submission about Telegram here but it does not make it true whatever Goebbels said). Here's a quote from the FAQ: "The relevant decryption keys are split into parts and are never kept in the same place as the data they protect. As a result, several court orders from different jurisdictions are required to force us to give up any data." https://telegram.org/faq#q-do-you-process-data-requests
That is only true for the End 2 End encrypted chats, which are a separate and not very user friendly thing. Regular chats and group chats/channels are by design unencrypted.
Then it is not correct. A security analysis of Telegram has raised doubts about their e2e before. They have (had?) a blogpost up where they pontificate about how it not necessary and would put a burden on their channel feature anyway.
The security analyses I am aware of target MTProto 1 which is not MTProto 2 used for quite a number of years now. MTProto 2 uses standard security primitives.
You cannot say "it is not correct" without proof. We know all messages not just E2EE are wrapped in encryption on their way out a Telegram client and we know they are decrypted on their way in because client source code is available.
Why don't you have a look for yourself then let us know if you've confirmed your suppositions?
> There simply isn't any encryption besides SSL for all the rest, which at one point they were boasting is the cause for their generally excellent performance (no distribution of keys etc). They didn't change that unless they ware uncharacteristically quiet about such a major new feature. It would run counter to their motivation for not doing it in that earlier blogpost. It also doesn't make sense to then have MTproto in parallel especially since they apparently solved key exchange and so on.
At this point you are just willfully throwing around misinformation. A number of commenters have tried to point you directly to the docs to which you've just said, "it's wrong".
> talking about MTproto, which is only used for their e2e chats.
This is also misinformation. [1] Please stop.
I only flag as an absolute last resort here on HN but you are actively harming discourse at this point.
It is a trade-off between security and usability. By default, you get usability (e.g., you can chat across devices easily). But you think it is worth the cost, you can make encryption keys unavailable without corresponding devices (create secret chat).
My guess, most telegram users prefer usability or don't care/ignorant. It would be a mistake to make the experience worse (that people would notice ignorant or not).