Well, yeah.
Share my location tends to mean that.
Not sure what the guy was trying to prove.
A researcher who noted that using the "People Nearby" feature of popular messaging app Telegram exposed the exact location of the user has been told that it's working as expected. Folk who activate this feature see a list of other users within a few miles to "quickly add people nearby... and discover local group chats." Using …
"In the case of Telegram's requirement, it might be sufficient simply to report which users are within a seven-mile radius, for example, rather than exposing their exact distance away."
I fail to see how that actually solves the problem, unless there's a lot of randomness added or it uses a constant arbitrary point for distance (say, everyone in a postal code is at the center of that postal code). Otherwise it just means it takes more than 3 readings, big whoop.
While that is true, there's a big difference between "here's a book with twenty thousand people indexed by name, good luck"...
...and "This young brunette is Jessica, she's out for her morning run, this is her route. She lives at 6 Skylark Lane. She's single, has two cats, and plays the cello" (the additional details easily gleaned by following links to social media profiles, etc).
First of all, it was a lot more than 20 thousand.
Second, you're right, but that is the state of technology today. People should stop buying these gadgets that reveal their entire lives for basically no advantage. Why do you need a watch that records your GPS coordinates when you run ? Can't you just run ?
Given all of the security analysis that is somewhat skeptical about Telegram's homebrewed crypto, I'm surprised that anyone who is concerned about privacy (rather than just looking as though they are concerned about privacy) uses it. This slightly too-revealing feature (did they really not think it through?) really only adds to that reputation.
Homebrew isn't necessarily bad. Moxie Marlinspike could be said to have homebrewed the Signal protocol. However, its working is completely open source and it's built on fairly well-trusted principles.
Much harder to see what Telegram is doing, so I'm instinctively suspicious of them.
Exactly, as it's disabled by default this shouldn't be considered a bug. I've never used it but the function seems to rely on extreme proximity with it telling me there are users < 100m from me. Difficult to see how you can fuzz this and still make it useful.
A more useful feature, for me at least, is being able to share your location with contacts while you move. Even better is being able to do this from within OsmAnd, which uses Telegram purely as a data pipe.
.......unless YOUR EVERY internet account is an AC (El Reg, Signal, Telegraph, Facebook, Twitter, Ring, Alexa...............)
*
------anyone can find out who you are, where you live....and the colour of your underwear..........
*
Welcome to 1999: https://www.wired.com/1999/01/sun-on-privacy-get-over-it/
Would think the name of the app would be a clue as to the function. Choosing to show your location doesn't have hidden meaning. People need to give up this fantasy that there is privacy online or in apps on a smart phone. You can stay off the Internet and cell phones, but you can still be traced and found. Skip Tracers do it all the time.