WhatsApp users are flocking to Telegram

RonSwanson

Expert Member
Joined
May 21, 2018
Messages
4,804

Cryptography contests[edit]​

Telegram has organized two cryptography contests to challenge its own security. Third parties were asked to break the service's cryptography and disclose the information contained within a secret chat between two computer-controlled users. A reward of respectively US$200,000 and US$300,000 was offered. Both of these contests expired with no winners.[269][270] Security researcher Moxie Marlinspike and commenters on Hacker News criticized the first contest for being rigged or framed in Telegram's favor and said that Telegram's statements on the value of these contests as proof of the cryptography's quality are misleading. This was because the cryptography contest could not be won even with completely broken algorithms such as MD2 (hash function) used as key stream extractor, and primitives such as the Dual_EC_DRBG that is known to be backdoored.[271][272][273]

2019 Puerto Rico "Telegramgate"[edit]​

Main article: Telegramgate
Telegram was the main subject surrounding the 2019 Puerto Rico riots that ended up in the resignation of then Governor Ricardo Rosselló after a Telegram chat leaked with of hundreds of pages of a group chat on the messaging application Telegram between Rosselló and members of his staff from his term. The messages were considered vulgar, racist, and homophobic toward several individuals and groups, and discussed how they would use the media to target potential political opponents.

Data selling bot[edit]​

The chairman of the public organization "Electronic Democracy" Volodymyr Flents on 11 May 2020 announced that a Telegram bot appeared on the Web, which sold personal data of citizens of Ukraine. It is estimated that the bot contains data from 26 million Ukrainians registered in the Dіia application. However, subsequently, Deputy Prime Minister and Minister of Digital Transformation Mikhail Fedorov denied fakes about the sale of data from "Dіia". The criminal activity of 25 people has already been confirmed and copies of 30 databases were seized.[274][275][276]



Security breaches[edit]​

In 2013, an author on Russian programming website Habr discovered an unexplained modification to the Diffie-Hellman key exchange scheme as described in the first version of MTProto specification that would allow an attacker to mount a man-in-the-middle attack and prevent the victim from being alerted by changed key fingerprint. The bug was fixed by the company shortly after the initial publication without any explanation.[206]

On 2 August 2016, a report by Reuters stated Iranian hackers compromised more than a dozen Telegram accounts and identified the phone numbers of 15 million Iranian users, as well as the associated user IDs. Researches said the hackers belonged to a group known as Rocket Kitten. Rocket Kitten's attacks were similar to ones attributed to Iran's Islamic Revolutionary Guards Corps. The attackers took advantage of a programming interface built into Telegram. According to Telegram, these mass checks are no longer possible because of limitations introduced into its API earlier in 2016.[207]

On 30 March 2020, an Elasticsearch database holding 42 million records containing user IDs and phone numbers was exposed online without a password. The accounts listed in the database were those belonging to users in Iran, extracted from an unofficial government-sanctioned version of Telegram. It took 11 days for the database to be taken down, but the researchers say the data was accessed by other parties, including a hacker who reported the information to a specialized forum.[208][209][210]

In September 2020, it was reported there have been successful large-scale Iranian government phishing and surveillance by RampantKitten targeting dissidents in Telegram.[211] The attack relied on people downloading a malware-infected file from any source, at which point it would replace Telegram files on the device and 'clone' session data. David Wolpoff, a former Department of Defense contractor, has stated that the weak link in the attack was the device itself and not any of the affected apps: "There’s no way for a secure communication app to keep a user safe when the end devices are compromised."[212]


Really you dont have to be a brightspark, and these are only whats communicated.
MD2. Really? :laugh:
 

cavedog

Honorary Master
Joined
Oct 19, 2007
Messages
18,593
With mobile networks promoting Whatsapp with their Whatsapp bundles I think they should extend the Whatsapp bundles to cover Telegram and Signal and rather call it chat bundles or whatever they want to call it.
 

Gerry

Senior Member
Joined
Jan 20, 2005
Messages
534

Cryptography contests[edit]​

Telegram has organized two cryptography contests to challenge its own security. Third parties were asked to break the service's cryptography and disclose the information contained within a secret chat between two computer-controlled users. A reward of respectively US$200,000 and US$300,000 was offered. Both of these contests expired with no winners.[269][270] Security researcher Moxie Marlinspike and commenters on Hacker News criticized the first contest for being rigged or framed in Telegram's favor and said that Telegram's statements on the value of these contests as proof of the cryptography's quality are misleading. This was because the cryptography contest could not be won even with completely broken algorithms such as MD2 (hash function) used as key stream extractor, and primitives such as the Dual_EC_DRBG that is known to be backdoored.[271][272][273]

2019 Puerto Rico "Telegramgate"[edit]​

Main article: Telegramgate
Telegram was the main subject surrounding the 2019 Puerto Rico riots that ended up in the resignation of then Governor Ricardo Rosselló after a Telegram chat leaked with of hundreds of pages of a group chat on the messaging application Telegram between Rosselló and members of his staff from his term. The messages were considered vulgar, racist, and homophobic toward several individuals and groups, and discussed how they would use the media to target potential political opponents.

Data selling bot[edit]​

The chairman of the public organization "Electronic Democracy" Volodymyr Flents on 11 May 2020 announced that a Telegram bot appeared on the Web, which sold personal data of citizens of Ukraine. It is estimated that the bot contains data from 26 million Ukrainians registered in the Dіia application. However, subsequently, Deputy Prime Minister and Minister of Digital Transformation Mikhail Fedorov denied fakes about the sale of data from "Dіia". The criminal activity of 25 people has already been confirmed and copies of 30 databases were seized.[274][275][276]



Security breaches[edit]​

In 2013, an author on Russian programming website Habr discovered an unexplained modification to the Diffie-Hellman key exchange scheme as described in the first version of MTProto specification that would allow an attacker to mount a man-in-the-middle attack and prevent the victim from being alerted by changed key fingerprint. The bug was fixed by the company shortly after the initial publication without any explanation.[206]

On 2 August 2016, a report by Reuters stated Iranian hackers compromised more than a dozen Telegram accounts and identified the phone numbers of 15 million Iranian users, as well as the associated user IDs. Researches said the hackers belonged to a group known as Rocket Kitten. Rocket Kitten's attacks were similar to ones attributed to Iran's Islamic Revolutionary Guards Corps. The attackers took advantage of a programming interface built into Telegram. According to Telegram, these mass checks are no longer possible because of limitations introduced into its API earlier in 2016.[207]

On 30 March 2020, an Elasticsearch database holding 42 million records containing user IDs and phone numbers was exposed online without a password. The accounts listed in the database were those belonging to users in Iran, extracted from an unofficial government-sanctioned version of Telegram. It took 11 days for the database to be taken down, but the researchers say the data was accessed by other parties, including a hacker who reported the information to a specialized forum.[208][209][210]

In September 2020, it was reported there have been successful large-scale Iranian government phishing and surveillance by RampantKitten targeting dissidents in Telegram.[211] The attack relied on people downloading a malware-infected file from any source, at which point it would replace Telegram files on the device and 'clone' session data. David Wolpoff, a former Department of Defense contractor, has stated that the weak link in the attack was the device itself and not any of the affected apps: "There’s no way for a secure communication app to keep a user safe when the end devices are compromised."[212]


Really you dont have to be a brightspark, and these are only whats communicated.


Nah, you are referring to old issues that were patched years ago.

Any software can be compromised when the user agrees to download the trojan payload.

If you compare the overall security of Telegram with some huge software companies that got hacked,
I would say Telegram is pretty damn good when it comes to security.

:thumbsdown:

Maybe try and warn people against a software product called 'solarwinds'
 

Realmrbean

Active Member
Joined
May 29, 2019
Messages
85
The way the u.s government like to eliminate competition to protect their tech companies, i wouldn't be surprised if fbi launch an "investigation" against telegram.
 

Gerry

Senior Member
Joined
Jan 20, 2005
Messages
534
The way the u.s government like to eliminate competition to protect their tech companies, i wouldn't be surprised if fbi launch an "investigation" against telegram.

What saddens me, because I really like Telegram and use it's bots in some of my products, is
that when Telegram reaches a certain amount of users, they will be bought out by the Americans
for an amount of money that the founders/creators cannot refuse. I predict it will be an obscene
amount of money.

It is just a matter of time.

Anyone that undertakes to design a tamper free messaging service right now can potentially be
extremely rich in a few years time. Just get user uptake and the superpowers will buy you out
- ffs these superpowers print and create their own money, there is no limit to what they can pay.
 
Last edited:

supersunbird

Honorary Master
Joined
Oct 1, 2005
Messages
54,526
Did you have brain damage for breakfast ?

As much as I dislike that moronic poster Corelli, that was a warning. Kids can easily join nearby groups (as in nearby physically) filled with porn if the location feature in Telegram is turned on.
 

Gerry

Senior Member
Joined
Jan 20, 2005
Messages
534
As much as I dislike that moronic poster Corelli, that was a warning. Kids can easily join nearby groups (as in nearby physically) filled with porn if the location feature in Telegram is turned on.
don't shoot the messenger

kids can open images.google.com and search for any image..
Kids can play with dad's phone and check the messages his friends sends him..

Don't know if you have seen how proficient kids are with mobile/tech devices these days ?

Kids are showing adults how to operate their mobile devices

scary
 
Last edited:

Bryn

Doubleplusgood
Joined
Oct 29, 2010
Messages
15,788

^^vampire^^

Expert Member
Joined
Feb 17, 2009
Messages
3,806
Whatsapp: *sharing all your data*

People: "Whatsapp is great"

Government: "Whatsapp you need to tell everyone that you actually share all their data"

People: "Whatsapp is terrible, let's move to another platform where we are the product"
People: *Join Telegram*
People: "Telegram is great"

Telegram: *sharing all your data*

...rinse, repeat.
 
Top