In other words, don't ever use Telegram for secure messaging cos the minute a government agency comes knocking they'll immediately offer up some lube and bend over
Russia lifts restrictions on Telegram messenger app after it expresses ‘readiness’ to stop some nasties
Russia has lifted restrictions on secure messaging app Telegram after its developers agreed to block some content. Telegram proclaims that it has a “mission to provide the best security combined with ease of use. Everything on Telegram, including chats, groups, media, etc. is encrypted using a combination of 256-bit symmetric …
COMMENTS
-
-
Monday 22nd June 2020 08:16 GMT Charlie Clark
Not necessarily, no, though if you want secure messaging I'm not sure if Telegram is the way to go anway because, in contrast to say Signal, it stores account data on its servers.
Telegram remains popular in Russia, even with Russian politicians, so this is probably some kind of compromise that allows both sides to get on. Spam, presumably including hate stuff, is not unknown in Telegram groups.
-
-
Monday 22nd June 2020 08:18 GMT Khaptain
Änd the legacy stuff ?
I wonder if he now has access to previous messages or is it just the upcoming ones....
Dear Telegram, I have the following proposition to offer you, a free vacation for you and your future generations to the Gulag of your choice or the encryption key ?
Thanks
Vlad the decryptor ( President of the United States of Russia and the World)
-
Monday 22nd June 2020 09:13 GMT Anonymous Coward
Vlad the Decryptor.....
......Yeah!.....all that end-to-end encryption.....security......privacy......what could possibly go wrong?
*
Well....how about privately encrypted messages BEFORE the message enters the channel?
*
170G0f1M04$w05G40H660www0rjf0vux0Zxp0DsF
0Kgl1Lxu10tY0z9q07lL0PlT09RR1VmT0YfC0EW9
1Cod009h0bhS15Sz0tby1bLr1lUx0Xjv0BfA0xuL
0R2H1HD21Gw717DU18f20L3C0KEQ1ckO0L3a1bS0
1JLq0$Uv15jh0eQf0y0u0=pv0NxG0F=g04gg0SMo
0jC$0wsX1cfR00GG1jBd1OqP0A5n0sH30=FP0$3H
0hoL1CVn0J1l1c5M0$hh0JqB0qTL16ij0Sdp0DcZ
1jdt0XYO1cKu0jXy0K7=0G1k18GW0MQL0XVL07do
1gG30Yxp0=av02wB0Z6i16tl10wc1Imv0$xS0n64
1PDV1iX01kBB19TK1K3104st0AVe0DO61ZI51IVx
1Rnj1jdz0VNM0fAY05Ph08St141O1IvP1DM30Pne
0STY125Q0=Js1deS0JsY0oG10Ho00dbp0hig1IDy
1RA=0Kdr0=Vs0XoU12960fl00h3Q0tqI1jko1X7B
0n0r0kv=0V=i0kl=1brL0VD10d6V1DwO1PmC1h=c
11b70rN419Zp0y5y0X5z0jmT0MIR1SH01Sjx1gUL
16iD0ONn0DWc1HS50fJN0FfD0Hyz1LSC0i030cN1
02Wb0FdV10jl0hBx0eSy1NuV09oP06BV1bXt1OIf
1H7a0zoF1ZkG02td1fMt0axf0kxh0noc09450Cxf
1XkW0A7Y122N1Jzh0s4D1Ckf0kGI0gaK
*
-
Monday 22nd June 2020 11:12 GMT poohbear
Sigh. There is more to this. As I understand it from other reports, Telegram is detecting bad stuff on their network and blocking it. They're not giving access to any governments (officially ... reality may be different). The Ruskies walked back because the could not stop all the workarounds that bypassed the ban.
-
-
Monday 22nd June 2020 15:19 GMT whitepines
Re: Two Questions
2. If telegram is truly a secure E2E platform, how can they possibly determine the content of a message in order to cooperate with authorities?
Because it isn't -- it's a proprietary, effectively closed source* app on a phone. That's about as far from secure as you can get. I am assuming that the open source desktop variants are not relevant here, for the sake of argument, since the vast majority of users are on some kind of cell phone and the open source version should be verifiable to actually do what it says on the tin regarding encryption.
If they're not bothering to MITM the traffic directly, it's probably some proprietary local filter in the app detecting keywords. Where it gets interesting is what happens when that filter detects unsanctioned content -- does it send out a trace to the authorities and pretend to send encrypted? What exactly happens in that case?
Other possibilities could be metadata checks -- better hope you're not within some degrees of a known bad apple, or you'll be tasting Putin's special polonium dessert...
* If you can't compile the app yourself, it could have any special modifications required for the app store / local authorities, and you can't check it or fix it.
-
Monday 22nd June 2020 15:33 GMT Charlie Clark
Re: Two Questions
If telegram is truly a secure E2E platform
It isn't and shouldn't be considered as such, unless you setup a "secret chat", though even then it's only published details of the cryptograpic protocols used but no code. Otherwise Telegram stores details on its servers, which is one of the reasons why it's so good for multiple devices.
Telegram has drawn Putin's ire because it has repeatedly refused to provide the details for specific users. And it has sucessfully found workarounds round most government attempts to block it, which is why it remains popular in Russia.
-
-