Messed around with Telegram for a while. The official C library (tdlib) is great: no pain to compile on both openSUSE and Windows, and easy to use in Java (using JNI).

Normally I use the official desktop and Android client, which gives me an illusion of safe and secure. You have secret chat for e2e chats, you have normal chats where you can delete messages for both you and the other person, and the channel and group features are super rich in terms of access control, where you can decide if clients are allowed to share/forward your media, etc.

However, I do mention that this is an "illusion". Only the secret chat is safe and secure, assuming your device is secure. The rest of the features are only for clients who follow the rules.

For example, the download and forward control, where you can disable member from downloading and forwarding your message in the group chat. This is a false claim if you directly access the API. The api will give you the data, it just tells the caller that this data should not be saved locally on the device. But there is nothing stopping me from saving the file.

Well, technically, there is no way to prevent such access violation. Even the DRM content can be recorded from the screen. But knowing the fact and knowing the illusion is totally different.

Knowing the fact means I acknowledge the limitation of the technology, and I know there will be a breach/leak after I publish something even in a secret way. But trusting the illusion means I'm expecting everyone to follow the rules and I expect no breach/leak, which can lead to a very bad/wrong decision making. For example, sending some secret information to such a group, expecting no one can download it but see it (maybe to prove you can get such confidential information), and then you saw what you send on a random website and causing serious problems.

Safety 101: Do not publish anything if you cannot afford the consequse of leaking.