Ah, the Telegram HN account just said he "proposed the contest", so I assumed employee. If he is the financier, then it is not surprising that he doesn't understand why his crypto contest is a bad idea.
right and it also explains why the Telegram guys went ahead with his suggestion, because they're presumably keen to keep their main financial backer happy.
I don't think there's any attempt to sell snakeoil here, this is a case of a road to hell being paved with good intentions. To people not well versed in cryptography the things Pavel is saying and the approach Telegram is taking all seem completely reasonable, and the people who do do crypto and are responding might as well be talking a different language. To them the flaws and red flags are so obvious that their responses are incredulous, which has led to the vitriolic back and forth we've seen - neither side can comprehend the other's position. This is Dunning-Kruger[0].
With all due respect, nothing can be "obvious" unless it is proven. You cannot take something for granted just because a respected cryptographer says that. Not after we learned that NSA pushes backdoors using respected firms and people in the crypto-community.
By this reasoning you should presumably agree that the onus is on Telegram to prove the security of their system, not on the rest of the cryptography community to prove that it is insecure. Telegram have completely failed to do this. Even if Telegram had a formal proof of their system (and implementation), would you be in a position to read and understand that proof? I suspect not. Like me, you'd have to trust a group of respected cryptographers to do that job for you, so I don't really know what you're trying to say here. Just because one or two respected cryptographers appear to have become NSA tools, does not mean everyone has.
Also note that it's not a case of one random crypto guy saying that Telegram's approach is flawed, but a case of virtually the entire crypto community saying that the approach is flawed. Does this not ring alarm bells for you? How can you judge that the Telegram guys know their stuff and aren't leading you down the garden path or are themselves deluded?
With your backing, there is a real chance for Telegram to bring secure communications to the masses. This is indisputably a noble goal, but the areas that Telegram should be innovating in are in UI and features - not cryptography. There is no such thing as mostly correct, 'good enough' cryptography, either the system is secure, or it's insecure - there is basically no middle ground. If you fail, it's a bit more serious than your typical software bug - innocent people can literally die - the very people that need this the most are the most at risk. These are the reasons Telegram have been met with such a frosty reception here. Because they come across as arrogant in an area where arrogance is the absolute least desirable trait.
