Slashdot Mirror

Telegram has unveiled a new blogging platform called Telegraph, which offers fast publishing and anonymous posting without requiring you to sign up or sign in via social media. The Verge reports: The app's user interface looks very similar to Medium and allows for easy embeds. You can also embed images from your computer by clicking on the camera button. In comparison to Medium, the loading time for embeds is relatively fast. Publication is instantaneous upon hitting "publish." Posts are shareable on social media platforms but are designed to work best on Telegram's new Instant View layout, which works similarly to Facebook's Instant Articles feature. The simplicity and speed of Telegraph are not without its downsides. As TechCrunch points out, the lack of user history means that if you accidentally delete the link to your published post, it would be very difficult to track down unless you have cookies enabled on your browser. The anonymous nature also opens up opportunities for abuse, potentially paving the way for internet trolls and spreaders of fake news -- a problem that has put tech giants like Facebook and Google under scrutiny.

A vulnerability in Telegram has exposed the data of millions of people in Iran. Hackers in the country have compromised dozens of accounts by an SMS redirection hack, and also identified phone numbers of 15 million users, according to a report on Reuters. From the report: The attacks, which took place this year and have not been previously reported, jeopardized the communications of activists, journalists and other people in sensitive positions in Iran, where Telegram is used by some 20 million people, said independent cyber researcher Collin Anderson and Amnesty International technologist Claudio Guarnieri, who have been studying Iranian hacking groups for three years.As for the attack, hackers aren't targeting the encryption that protects messages between accounts, but how a phone number is tied to an account. When a user adds a new device to their Telegram account, the new device is confirmed through a one-time SMS message. Hackers are intercepting that SMS and cloning the data to a compromised device.

Update: Telegram reached out to Slashdot on Twitter with a link to a blog post that included:
Certain people checked whether some Iranian numbers were registered on Telegram and were able to confirm this for 15 million accounts. As a result, only publicly available data was collected and the accounts themselves were not accessed. Such mass checks are no longer possible since we introduced some limitations into our API this year. However, since Telegram is based on phone contacts, any party can potentially check whether a phone number is registered in the system. This is also true for any other contact-based messaging app (WhatsApp, Messenger, etc.). Read the rest of Telegram's official statement, including SMS codes allegedly being intercepted, here.

A vulnerability in Telegram has exposed the data of millions of people in Iran. Hackers in the country have compromised dozens of accounts by an SMS redirection hack, and also identified phone numbers of 15 million users, according to a report on Reuters. From the report: The attacks, which took place this year and have not been previously reported, jeopardized the communications of activists, journalists and other people in sensitive positions in Iran, where Telegram is used by some 20 million people, said independent cyber researcher Collin Anderson and Amnesty International technologist Claudio Guarnieri, who have been studying Iranian hacking groups for three years.As for the attack, hackers aren't targeting the encryption that protects messages between accounts, but how a phone number is tied to an account. When a user adds a new device to their Telegram account, the new device is confirmed through a one-time SMS message. Hackers are intercepting that SMS and cloning the data to a compromised device.

Update: Telegram reached out to Slashdot on Twitter with a link to a blog post that included:
Certain people checked whether some Iranian numbers were registered on Telegram and were able to confirm this for 15 million accounts. As a result, only publicly available data was collected and the accounts themselves were not accessed. Such mass checks are no longer possible since we introduced some limitations into our API this year. However, since Telegram is based on phone contacts, any party can potentially check whether a phone number is registered in the system. This is also true for any other contact-based messaging app (WhatsApp, Messenger, etc.). Read the rest of Telegram's official statement, including SMS codes allegedly being intercepted, here.