As an outsider--who doesn't use Telegram--it looks like they want to become like WeChat outside of China: Where you shop and do basically everything from within a single application (Telegram).
They claim this is improved privacy but it doesn't look like that to me. Instead of my transaction being between myself and a merchant it's me, the merchant, and Telegram. Furthermore, Telegram can now aggregate all my purchases and info across multiple merchants (and whatever else I do).
They say they store, "no payment information" but that's really only a small part of any given transaction. They may still record what you bought and how much it cost along with when it was purchased. All the, "no payment information" claim means is that they're not storing your credit card/account numbers.
I.e., Zawinski's Law of Software Envelopment: “Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.”
I don't really agree. The more crap they add the more I will want to leave. This payment stuff will lead to new types of (WhatsApp takeover scams are already rampant here). PayPal is good enough for this and fairly trusted, I don't want to give everyone all my details. Remember this will force them to ask for ID for everyone who uses this due to money laundering legislation. I don't want my chat apps to know who I really am.
Consider ICQ that was really well loved until they bloated it with unnecessary crap. Same with MSN messenger. I think this will happen here too.
WeChat just works because the whole government is pushing for it and because privacy is just not a thing in China.
Telegram lives on big communities where in many of them trading is already a fact, making it easier to do in app is just another useful feature to then, not something pushing away (or that you are forced to use).
Plus, nowadays there are so many ways to send money, that if you don't like one, you can just decide to go with another path
The problem I see is that in order to promote such features, apps often want to ensure that all users are able to use it. So they would force ID requirements on users so they don't have to do this the first time they receive money. This is what I'm worried about. I don't want my chat apps to have my ID on file because I'm sure this will be used for tracking as well, could possibly be leaked etc.
Here in Europe all money sending/receiving apps now require a photo of passport etc due to money laundering laws. Which is fine for a money sending app, but not if I just want to chat :)
It's kinda weird how this ecosystem goes, since the debundling of websites is also a common theme on HN. When does a superapp become a debundling target?
Debundling comes when bundling fundamentally limits the feature, or the users desire to separate it from their chat identity.
In case of chat apps, payments are IMHO one of the most natural chat app features and won't get debundled - the main point is to be able to send money as a chat message.
There are unbundled payment solutions using phone numbers as user handles like Revolut (that's what I used up until now), but there's still friction in using it to pay back to my girlfriend or send lunch money to the colleague who paid.
Immediately replying to a message with a money transfer is very frictionless for both parties. Yeah, using Revolut is not bad (probably best personal payments system otherwise), but I know I'll be using these payments a lot and won't be looking to switch back.
the friction is the need to identify the recipient of the money. it's not so much that i want to send money as a chat message, but that i want to send money to that chat user that i am already talking to. with any third party service i have to verify that i actually send to the right person, whereas in the chat i already know that this is the right person.
Not just money. It's a natural cycle. Modern web stack evolved in the same way. It was just hypertext in the beginning, then it expanded to fill the available volume and now we have Electron.
> Instead of my transaction being between myself and a merchant it's me, the merchant, and Telegram.
The part about a transaction being between you and a merchant is true only if you use cash and only if you physically buy something with a physical receipt or no receipt. If you use any digital payments, then the transaction metadata is known to several parties (beyond your card issuer and the merchant’s bank). If you buy something online, usually your email provider also has access to your entire purchase history.
So the main question is whether you trust Telegram more or less than your email provider and/or all the parties who get your transaction data.
WeChat actively traps you within its walled garden ecosystem with dark patterns and support from the government. A lot of shops or even government services only have an online presence in WeChat and Alipay. They are called "Mini-Apps" which I believe is unique to China and these 2 apps. It is practically impossible to find vendors or developers for these services as someone outside mainland China.
It is completely possible to replicate this function of Telegram ourselves with ordinary web technologies and service providers.
Not to mention Telegram is transparent in letting your data out of its ecosystem (at least for now).
Provide that we still have the freedom to host any online service as website or an app on App Store / Play Store, I nelieve we will never decay into the dystopian state that is WeChat.
TLDR: WeChat is way more evil than Telegram, even Facebook.
unlike facebook, wechat does not algorithmically decide which content i should see. i get all posts from all my connections in linear order. they are not pushed on me either (i can easily ignore them)
unlike whatsapp, wechat also does not require me to share my phone number. (at least, for the brief time that i tried whatsapp, i could not find a way to hide my number)
wechat also doesn't announce to everyone who happens to have my phonenumber, that i am now on wechat.
wechat lets me control how people can contact me. the default is that people need to ask for my permission before they can add me as contacts and talk to me.
miniapps are just fancy websites designed to display inside wechat, with easy access to my wechat id. but they actually have to ask permissions if they want to use that id for anything.
a vender being only on wechat is no different than a vendor being only on facebook. or on telegram. it's simply a result of market dominance. not good, but not evil either.
there is only one dark pattern that i noticed, that is it is no easy way to export all the content stored inside wechat.
Can we all just agree that there are different variations on the theme of dark patterns and market domination and that one corporation isn't the "end all/be all" of evil? They're both bad. At least you can reasonably avoid FB but if you're in China, how do you avoid WeChat?
i am not trying to argue that wechat is better than facebook. yes, they are both bad. i am just trying to offer some counterpoints to show that wechat isn't really worse either.
the only reason i need to be on wechat is to keep in touch with friends. the same would be true elsewhere where some people are only on facebook/whatsapp. (there are some facebook only groups that i would like to join too)
wechat payment is convenient, but there are alternatives. and cash still works (online shopping also works directly with a bank account). i managed to avoid wechat for the greater part of a decade here, until i was no longer able to avoid it because i was locked out of to many contacts who were only on wechat.
i was not taking about sign up. a phone number is required to register, so i share the number with wechat. but wechat does not force me to share my number with other contacts.
the national id is not required as far as i know, because then foreigners would not be able to sign up
> Not to mention Telegram is transparent in letting your data out of its ecosystem (at least for now).
Unless you try to export a secret chat from an non-rooted Android phone or a non-jailbroken iPhone. The app not only lack a feature for that but also prevents it from being backup-up -- which is a shame as an offline, adb-based, backup is the safest way of getting data out of aff on Android, IMHO.
Every payment processor you use can do the same. And they've been consolidating under the same roof for a while now. I wouldn't be surprised if they all sold their data to some central processors, too.
Not too well. The primary reason is Facebook hasn't spent any money (either on marketing or on cash-backs/discounts) to popularise it. The incumbents (PayTM, Google Pay, and PhonePe) are deeply entrenched to begin with.
any payment that is not cash will have some sort of middleman. whether it is apple pay, visa, or your bank, or some other payment service.
the key issue with digital payments is to verify the payer and the payee. the nice thing about having that built into wechat or telegram is that most payers or payees are already verified because i am already in contact with them
The web apps are super interesting. Its light and fast. On par with the desktop client. Meanwhile, Facebook Messenger takes eons to load, Discord's web client's initial load will hog up my CPU. It will be interesting to see the technology behind this.
"vanilla javascript" usually refers to something like manipulating the DOM directly, without using frameworks, transpiled languages and similar. Both of them seems to be using a bunch of different tech, from typescript to wasm, jsx and more, not sure I'd call that vanilla javascript.
On a second note, I'm surprised that both the new web versions are so similar. Seems just a couple of margins changed and other minor changes (profile picture filling the background vs being a centered circle for example), but built differently. Wonder if they both worked towards the same design maybe?
i think both of them are not using any framework, one of them uses an inhouse library which resembles react but overall i would say it's pretty vanilla (as in no frontend frameworks)
You might be right in the first half, but TypeScript (which they seem to be built in mostly) is not vanilla JavaScript, no matter what library or frameworks you use.
> With the new web versions you can get instant access to your chats on any device – desktop or mobile. These apps are incredibly efficient, requiring only a 400 KB download (that's like two photos of a medium-sized cat) and no installation.
webz.telegram.org and webk.telegram.org look amazing.
That's web apps done right. Small .js files intead of 20MB main.min.js crap.
webk transferred 627 Kb, and is fully functional. Slack, Discord, Teams, and friends could all stand to trim their web application's bloat a bit and take a lesson from this.
I'm working on a new realtime discussion site https://sqwok.im and one of my goals is to keep it as lean/fast as possible, both as a competitive angle & because I find it interesting. So far I get ~445kb transferred, but I have plans to lower it even further with a combination of caching and other strategies.
What would be competitive angle? What percentage of users do you think would care if your app transfers not 445kb but 345kb (sincere question)? I just always was skeptical about "reducing sizes" just for its own sake, and not in the frame of improving performance or noticeably reducing latency for the user (which could be related to the size or not).
Can't argue with the interesting part :)
Good question, and of course the difference between 445kb & 345kb may not be noticeable, but it would be if you compared it against 1/2/10mb etc.
The competitive angle is really delivering a fast/snappy/responsive experience on mobile or desktop. That in itself isn't going to save you, but it is an advantage if part of the sell is a high quality experience.
Re:interesting, for instance I just started experimenting with inlining all css/js into index.html (so far the js part is problematic), minifying classnames, and I'm curious if it'd be possible to even minify js module names etc.
Telegram outsources parts of its development into multi-stage coding contests[1] with prize money. I don't know why they decided to keep two separate versions in the end, but I assume they both came out of the Javascript contest.
They did this a while back with their Android (and iOS?) apps--they had the core Telegram app, and Telegram X. Both had 90% overlapping features, but some subtle differences. It's long enough ago that it's a bit fuzzy in my head, but I think X had slightly better reply gestures, and maybe chat pinning.
Later I think they absorbed the X features into the core app.
I can't decide if I think it's an awesome strategy to launch a self-competing project, or if it just leads to terrible internal issues. I'm leaning more towards the former--I'm a huge believer in the instructive power of contrast, and it's a lot "safer" to contrast against another one of your own products than a competitor. You control much more of the "experiment", and you don't run the risk of cannibalizing your own users.
Plus, from an engineering standpoint, it forces you to have portable technologies and configs, and probably gives your team opportunities to learn from greenfield stuff that can then encourage refactors or other paying-down-tech-debt activities.
It's also just dang impressive that they're able to spin up multiple versions of the same app, and deploy them, and maintain them. That speaks volumes to me about their internal systems, build systems, resource allocation, etc.
OTOH as far as I remember much of Nokia's issues came from internal competition involving sabotage of other teams. Not that that has to happen, but the incentives are a tiny bit dangerous.
Yeah that's a bit strange. My guess is that they use different tech or techniques under the hood and eventually one will be picked as a winner and become just web.telegram.com or they'll take ideas from both and merge into a single one. It kinda looks like a poor man's A/B test.
Telegram really doesn't cease to amaze me with the amount of features it's packing and everything that is possible. Really tremendous development and engineering feat, especially at this scale. I love the app and use it constantly.
Telegram has some nice features from a user's perspective (arbitrary filetype file attachment, animated voice records so I can skip quiet portions, good chat search, private chat support, and video-/picture-/file-/message -specific search). But, one of the main utilities on Telegram is its bot platform. And, as a developer: Building bots with Telegram is difficult. This is mostly a documentation issue.
AFAIK this is the main documentation page: https://core.telegram.org/bots/api which, subjectively speaking is really hard to read, and, objectively speaking, offers no sample responses/interactivity.
I disagree with you, I find the API quite uniform, powerful and enjoyable to use (I'm only annoyed by the recent increase in rate limiting). They offer a nice list of every method and all the parameters, and what they're for, and all the return objects are also documented. Everything is on that single page which is great for CTRL+F.
There's also wrappers for many languages that will have auto-documentation on IDEs like IntelliJ and usage examples.
What I really dislike is Telegram's avoidance of E2EE. Very sketchy.
I'd generally agree that the first party documentation isn't great. There is a list of code examples[0] that I found pretty useful though. I picked one of the python ones and dug into it to get a better idea how everything is setup
I can't confirm or deny since I've been only using telegram as a way to get notifications for some batch jobs or other things I want to keep an eye out for and that use case has been a breeze. I'm having a script constantly checking when the PS5 will be available on amazon and get a notification when that happens to (hopefully) have a chance to get one. I think I might help there, I'll post an article as soon as I can about that with the hope that it'll get people started.
Some years ago I did use Whatsapp to write bots and there was absolutely no documentation at that time but it's possible. What's your use case exactly? Would you like to use Telegram Channels / Groups the way Discord channels are used?
It really is that good. Out of the bunch of apps on my iPhone Telegram is the one that is fast, effectively using cellular data, feature packed. The Unigram client on Windows 10 is also neat.
I'm actually finding the responses between Telegram and Signal's announcements interesting. While there were some shady things with Signal a lot of people were upset about the feature in general saying that a messaging app should just stay a messaging app as well as callbacks to how Telegram failed. So I was kinda surprised to come into this thread finding everyone being so positive and encouraged by the superapp aspects.
Imo the main difference is Signal locking you into an arcane cryptocurrency, while Telegram provides you with a large choice of mainstream fiat payment processors. I agree that the features are not that different, but Telegram's approach feels much more palatable.
Even if you accept that Signal absolutely had to integrate a cryptocurrency, MobileCoin is still such a weird choice. There are privacy-focused coins with a proven track record out there (e.g. Monero and Zcash), while MOB is a no-name project which would never have been most people's preferred payment method.
Curious if you've actually looked into the reasons for choosing something besides Monero/Zcash
I'm in the cryptocurrency space though I don't know too much about privacy coins. However, I've seen some abstracts of studies auditing the true privacy of Monero. Specifically, it can de-anonymize users who make multiple transactions to the same recipient due to its design.
Now, I haven't personally looked into Mobilecoin deeply, and am highly skeptical at the moment. But I do think there's a valid reason to shy away from Monero based on the above, or due to it still being PoW (which is environmentally unsustainable). Signal does seem to care about privacy, and perhaps ethics to some degree. Whether or not it's "proven" (in the sense of having a large number of people using it) is quite meaningless. I really like that the CEO of Mobilecoin, who has been active in engaging with various communities, has been getting a ton of very rigorous questions here in HN, and I don't think his responses have been illuminating enough to instil trust. But I don't think it's fair to write it off as a good choice either. Presumably, Signal has access to information about Mobilecoin that we don't (which is a bad smell for a cryptocurrency, but I do hope the information about who owns how much Mobilecoin becomes public soon enough).
I'm also very interested in what the implications of Signal being a non-profit are here. Are they required to publish information about their dealings?
As I understand Monero is more differential privacy, so that wouldn't fit Signal's objectives. Zcash is hard too because you really have two wallets (shielded and transparent which increases complexity and makes things non-obvious for non-experts, which is against Signal's goals). Both these have issues with transaction times, which was something Signal noted in their choice for MobileCoin.
As to Moxie's involvement in MobileCoin it does make sense that he would push for something that has a fast transaction time. I wish they were more open about what they were doing (AMA got canceled) but I understand they are trying to avoid legal pitfalls (like Telegram did originally). But it is still early so time will tell.
> Signal is all about privacy. It trumps everything else.
Strong disagree with this claim. Signal exposes your phone number to others when you chat. I can add random phone numbers to my address book and find out if those numbers are tied to a Signal account and get to the profile even. Telegram hides phone numbers by default and also has settings to prevent such enumeration, wherein you cannot know that I’m on Telegram by adding my number to your address book unless I also have your number in my address book.
I see that as a big difference too, but still a large fraction of the complaints were purely about the payment aspect. Remembering back to Telegram's payments 1.0 a lot of people were excited about it then too. I'm just curious why people are much more cynical about Signal.
Telegrams selling point was a better WhatsApp, and IIRC this started back when WhatsApp was still unencrypted (yes, not point-to-point encrypted but unencrypted).
Since then they've always taken the lead over WhatsApp everywhere except on E2E-encryption.
Signal is still a secure messaging app. Signal will always be a secure messaging app. They have ignored feature requests to maintain secure/private messaging. Secure communication is paramount to signal.
There is 0 evidence signal is diverging from being a secure messaging app. Are they adding non-chat related features? Yes. Are they making their app any less of a secure chat platform? Absolutely not.
Honestly I really like using Telegram since I switched from WhatsApp and I actually would find it pretty neat if I could use Telegram to interact with some local merchants. Unfortunately I am in Canada and I've yet to see any merchants doing this.
My pharmacist is on WhatsApp and it's nice to just shoot a message saying "Hey I'll be needing a refill on xyz, thanks". He is pretty into technology and trying new things out so not too surprising he had incorporated WhatsApp.
However here we already has support at pretty much every merchant for tapping to pay with phones or tapping with our credit/debit cards so I don't see a huge amount of benefits to this. For example the ordering of pizzas almost seems like it would just be easier on a website. Often when ordering pizza for the family we do things like getting half the pizza with 3 toppings and the other half with 3 different ones. This would start to get annoying to order from a bot.
So I am having a hard time finding use cases for the payment side of things in North America. I just can't think of many text based interactions I'd have with merchants that would be more ideal than using a website.
Cool new stuff. The new web clients are pretty nice, while the old one sucked terribly. The Android app does keep getting smoother and the new features are cool, I guess (though I don't use payments at all).
There's a background to the new web download, however: They've recently started blocking some channels with the message "This message can't be displayed on Telegram apps downloaded from the Google Play Store".
It's also new (and quite cool) to me that reproducible builds are apparently now a thing - the FOSS version of Telegram used to lag way behind the official one which made it pretty difficult to use.
The feature to schedule voice chats really struck me as an example of something that seems so obvious in retrospect. I hope to see more of this innovation around phone-features trickle down to the native iOS phone options.
Looking at the open positions linked at the end, "high IQ score" is one of the preferred qualifications for Assistant to the CEO.
Is that... normal? I've never seen IQ mentioned in a job posting, and it leaves a bad taste in my mouth. Doubly so considering that it's likely the CEO had a hand in writing it.
I am just genuinely surprised by the pace of launching new features by Telegram. I don't know how many developers they employ but this is impressive nonetheless.
Nope. And groups don't even have security as an option.
Basically they are amassing an enormous amount of personal data, chat logs, etc. while their marketing and the public opinion is still that "Telegram is secure". That's a disaster waiting for the company to be acquired or turn evil.
Group chats aren't E2E encrypted and there is no way to enable it for them. In contrast, standard one-to-one chats are also insecure but there is the alternative of using secret chats with E2E encryption (however, unlike Signal chats, they don't synchronize among devices).
I thought they were focused on convenience etc vs the E2E security model (which makes onboarding devices harder etc). Have they put out a roadmap to E2E everything? That would be somewhat major but surprising given they seem to be doing well with current approach (ease of use / features).
iMessage approach is to treat every conversation as a group chat between all the recipient devices and all of yours. There's another risk here, that Apple doesn't let the end user verify the list of devices the chat is encrypted for.
Which is to say, a perfect E2E experience isn't trivial to design, but you don't have to drop the ball completely.
I guess it's not a shortcoming if privacy isn't their primary selling point. It seems more like they want to be like wechat, packed with all the features you need to never have to leave the app.
Glad to see the new web versions. The current version at web.telegram.org is pretty outdated and limited. I also didn't like the favicon for an unread message because you could barely tell the difference between it and the standard favicon. It bugged me to the point where I made a PR to fix it myself but it seems like the repo wasn't really being touched much. Lots of PRs with no activity from the maintainers.
My n=1 anecdote is that is largely depends on the phones being used for the video chat. My OnePlus 6t works great when talking to a Samsung Galaxy S10e, but is terrible when talking with someone using a Galaxy S9+
I just tried one of the apps and it had instant feedback when I gave it the wrong 2FA code. It felt too fast for any network calls to be involved. I looked at the network tab in my browser and sure enough no network calls were being made. It looks like they are using some sort of client side crypto to verify or at least reject tokens. Does anyone any idea about why they'd chose to do it client side or what I am missing?
How can Telegram help us all move away from dependency on a small cabal of big payment players (PayPal, Stripe, Visa, Mastercard)? A big part of privacy and protection against censorship is avoiding these providers, who regularly stop payments for things they disagree with.
Telegram has always tried to pivot toward being a platform (bots, games, public channels, public podcasts), this is another step in that direction, ideally* this could be a low friction option for an individual creator to profit from a side gig.
is it possible to write and host your own telegram web client, a.k.a. are all the features the new clients use publicly available to third-party implementations?
They claim this is improved privacy but it doesn't look like that to me. Instead of my transaction being between myself and a merchant it's me, the merchant, and Telegram. Furthermore, Telegram can now aggregate all my purchases and info across multiple merchants (and whatever else I do).
They say they store, "no payment information" but that's really only a small part of any given transaction. They may still record what you bought and how much it cost along with when it was purchased. All the, "no payment information" claim means is that they're not storing your credit card/account numbers.