I've come to hate telegram. At the beginning, they were like "we're gonna open source everything after some time, we care about privacy", then
they didn't improve secret chats algorithm so that it could be the default way of sending messages without lacking features (going instead with a curious, to say the least apology of unecrypted remote storage, despite aknowledging the existence of credential recovery schemes secure at least as their authentication;
they didn't ported secret chats to desktop;
they competed unfairly in respect to other opensource IM projects, locking in users with over the top short to last features made possible by their huge dollar backing (Durov), like not specified storage quota size (heck, what do you think you are, Gmail in 2004?).
their positions is not so much clear; regarding copyright infringements they put theirselves in a gray area; having strong opinions on the matter I am concerned that there exist loopholes in their statements.
So now telegram boasts itself as a privacy champion in the instant messaging space, although previous points tell us quite the opposite. Also, their press material is always very careful with words, so that their statements can easily lead uninformed users to think that their service is secure: they don't mention that's as true as when you say that Skype is secure, not as when you say that GNUpg is secure and you should know why.
So why did I write PGPgram?
I wrote it as proof-of-concept to show that it could be easy to have (whatever) encryption implemented by default on telegram. Not that counts anyway, because telegram API terms of services indirectly prohibit use of encryption over its servers:
it is forbidden to force users of other telegram clients to download your app to view CERTAIN messages and content sent using your app,
which is indeed what an encrypted by default version of telegram would do, even by keeping retrocompatibility.
It should be noted notice that PGPgram does not violate that rule, since the contents it produce are not meant to be shared with other telegram users.
At the time of writing it would be just a matter of time to convert PGPgram to a full fledged telegram client, using other encryption schemes that preserve message sharing among devices, forward secrecy or secret group chats and bots.
PGPgram is available through the Python Package Index (PyPI). Pip is pre-installed if
python >= 3.4 has been downloaded from python.org; if you're using a GNU/Linux distribution, you can find how to install it on this page.
After setting up pip, you can install PGPgram by simply typing in your terminal
# pip3 install pgpgram
PGPgram install a command line utility with the same name,
pgpgram, that can be used to
list files. You can invoke command line help with
pgpgram --help and get command options with
pgpgram <command> --help
The application requires
gpg to be present on your system, so maybe macOS users will need to make some aliases. At the moment file deletion is not handled because I reached time limit for unpaid development.
This program is licensed under GNU General Public License v3 or later by Pellegrino Prevete.
TDLib is licensed under the terms of the Boost Software License.
If you find this program useful, consider offering me a beer, a new computer or a part time remote job to help me pay the bills.