They make it sound like remote-delete is something new. Maybe it is to Telegram, but RIM's/Blackberry's BBM had that feature at least 8 years ago. It's too bad BBM wasn't made cross-platform before all the copycats appeared on the scene.
That Telegram feature that let you delete your private messages on recipients' phones? It didn't work properly
Telegram has fixed a bug that broke one of its chat app's key privacy features: the ability to fully delete your sensitive messages on recipients' phones. The software claimed it could effectively recall messages you sent to your friends: recalled chats were said to be deleted from their devices. However, bug-bounty hunter …
COMMENTS
-
Monday 9th September 2019 20:45 GMT Joe W
In the folder
If it was in a folder on the file system the recipient could have grabbed a copy anyway? It would have shown up in the gallery app, and could have been shared e.g. by email or another chat app, or a local copy could have been created?
Ah, well. Such is life. You cannot reliably unpublish stuff, just as much as you cannot unsay things (well, 1984 etc...). But as I was told "A spoken word has fled like a bird and cannot be caught again", or something along these lines.
-
-
Tuesday 10th September 2019 03:36 GMT Snake
Re: Is it not encrypted?
This is a basic security flaw that has now been openly exposed. Once a file is written to storage, all one must do is run an undelete app (or root privileges) on the device to retrieve the file system marker. You then can retrieve the file and either view it directly, if unencrypted (which most Telegram-saved images are), or have the time to leisurely work on cracking open the encryption.
No bueno.
-
-
-
Tuesday 10th September 2019 06:08 GMT clocKwize
Anything that happens outside of your control is not guaranteed and should be treated as such. When I use "Also delete for X", it is in the knowledge that I'm really just trying to avoid confusion and keep the chat history tidy, I have no expectation that the other person never saw it and won't have it stored in some kind of chat log somewhere.
Fine, if you're using Telegram to transfer top-secret secret documents - I hear it's protocol encryption is pretty good (but I do not know for sure). But if you are - maybe just have the 1 chat with your MI5 contact on it, keep your 1000 person cat gif group chat separate.
-
Tuesday 10th September 2019 07:20 GMT Kurgan
I had once wrote a wrong message (nothing worth of notice) to my wife, so I just deleted it (and deleted for her, too) instead of just messaging her again saying that the previous message was wrong because blah blah blah. She called me and said that a strange thing happened: she had a notification with a message from me (and she could read the first 4 or 5 words of it) but then the message was nowhere to be found...
So I explained the "delete" function, and that the message was wrong so I just deleted it.
But still she was able to read the notification AFTER I deleted the message, so, basically, you cannot unsend what you have sent.
-
Tuesday 10th September 2019 11:03 GMT clocKwize
Yes that's a likely occurrence and has also happened to me. People get notifications for messages received, if they're looking at their phone when it comes in, they'll see it before you delete it, even if they haven't read the message and be confused when they go to read it fully and there is nothing there.
Many things happen between sending a message and it being read. It just isn't that simple.. People expect it to be and get sad though.
-
-
-
Tuesday 10th September 2019 08:12 GMT Anonymous Coward
Easy solution.
I can think of at least one working solution that would allow 99.99% confidence or greater that the entire message is deleted. Better yet, it would also know if it was read. It would also work if both phones were offline/off grid.
It's probably not unique... and really easy to figure out. But I'll still not mention it, as no one is paying me masses to release broken apps, let alone working ones.
-
Tuesday 10th September 2019 10:56 GMT iron
The grammar of this guy's quotes is terrible.
This quote doesn't make any sense: "I found that since Telegram takes `read/write/modify` permission of the USB storage which technically means the confidential photo should have been deleted from Alice's device or storage"
Nor does this one: "the word privacy of Telegram fails here again"