Many in the crypto and privacy community mistakenly trust Telegram because it’s “end to end encrypted”, but there are huge issues including not hiding the metadata, censorship, centralization, and phone numbers.
Send this video to your friend that asks why you won’t join:
https://video.simplifiedprivacy.com/why-telegram-sucks/
This is true, but those changes are visible. It’s much harder to get away with back dooring something that’s open source. At the very least, you need to be clever about it so as to not draw suspicion to your changes. I’m reminded of this story: https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-of-minnesota-banned-open-source