Telegram bots - are they secure?

I am using telegram extensively these days. There are several bots available to link the app to other apps. How to determine if these are safe to use?
I’m probably asking the obvious but would appreciate some informed views on this.

I wouldn’t consider Telegram as “save”, so why should the “bots” be?

Thanks but I’m not getting into the safety of telegram app. I believe it’s secure.

Your “believe” is unfortunately just wrong.
Telegram has to be considered one of the most, if not the most, dangerous (regarding the security of the user, and their content) messenger currently worldwide available.

Unless Telegram offers a single-sign on feature which allows you to specify what specific privileges you are granting the 3rd party, I would not consider that to be secure at all.

Safe to use depends on the question what somebody considers as safe. Wired has a nice article online regarding Telegram encryption:

“Secret” chats with end-to-end encryption can be enabled between two individuals. But they need to do that manually. Which is not been done very often, I think.

Regarding bots in particular:

So, not what I would consider secure. And it makes sense. A bot is nothing else than an external script using the Telegram Bot API with access to a chat. As soon as a bot is a part of a Telegram conversation, well … you do not know what is going on with the bot…

A nice read (not so much because of the comparison of Signal and Telegram itself but also because it lists the differences in the apps’ implementation of encryption - and the lack thereof):

My two cents given the information out there: Signal is secure. WhatsApp is secure (with the known privacy caveats). Telegram can be secure if you know what you are doing.


Thank you for the comprehensive reply!

1 Like