Why You Should Stop Using Telegram Right Now (gizmodo.com)

← Back to Stories (view on slashdot.org)

Why You Should Stop Using Telegram Right Now (gizmodo.com)

Posted by msmash on Saturday June 25, 2016 @07:30AM from the curious-case-of-Telegram dept.

Earlier this week, The Intercept evaluated the best instant messaging clients from the privacy standpoint. The list included Facebook's WhatsApp, Google's Allo, and Signal -- three apps that employ end-to-end encryption. One popular name that was missing from the list was Telegram. A report on Gizmodo sheds further light on the matter, adding that Telegram is riddled with a wide range of security issues, and "doesn't live up to its proclamations as a safe and secure messaging application." Citing many security experts, the report states:One major problem Telegram has is that it doesn't encrypt chats by default, something the FBI has advocated for. "There are many Telegram users who think they are communicating in an encrypted way, when they're not because they don't realize that they have to turn on an additional setting," Christopher Soghoian, Principal Technologist and Senior Policy Analyst at the American Civil Liberties Union, told Gizmodo. "Telegram has delivered everything that the government wants. Would I prefer that they used a method of encryption that followed industry best practices like WhatsApp and Signal? Certainly. But, if it's not turned on by default, it doesn't matter."The other issue that security experts have taken a note of is that Telegram employs its own encryption, which according to them, "is widely considered to be a fatal flaw when developing encrypted messaging apps." The report adds:"They use the MTproto protocol which is effectively homegrown and I've seen no proper proofs of its security," Alan Woodward, professor at the University of Surrey told Gizmodo. Woodward criticized Telegram for their lack of transparency regarding their home cooked encryption protocol. "At present we don't know enough to know if it's secure or insecure. That's the trouble with security by obscurity. It's usual for cryptographers to reveal the algorithms completely, but here we are in the dark. Unless you have considerable experience, you shouldn't write your own crypto. No one really understands why they did that."The list goes on and on.

68 comments

Min score:

Reason:

Sort:

It should be obvious... by __aaclcg7560 · 2016-06-25 07:34 · Score: 5, Funny

The railroads are still here. Shouldn't be surprising that telegrams are still around almost two centuries later.
https://en.wikipedia.org/wiki/Telegraph
1. Re: It should be obvious... by Anonymous Coward · 2016-06-25 07:40 · Score: 0
  
  Best comment of the year
2. Re:It should be obvious... by Anonymous Coward · 2016-06-25 07:58 · Score: 0
  
  The railroads are still here. Shouldn't be surprising that telegrams are still around almost two centuries later.
  https://en.wikipedia.org/wiki/Telegraph
  So are marbles. And the wheel. Don't forget we invented the wheel way before the telegram.
  I love blueberries.
3. Re: It should be obvious... by __aaclcg7560 · 2016-06-25 08:21 · Score: 2, Interesting
  
  Nice try OP, your comment was straight garbage.
  I never post as AC. I don't have problem standing behind my opinions. Unlike some people.
4. Re: It should be obvious... by Anonymous Coward · 2016-06-25 08:38 · Score: 0
  
  Ok, I take it back, "sometimes" I post as AC to make my self look better, but it's something generalized and dumb like "best comment ever", so everyone still knows it's me.
5. Re: It should be obvious... by __aaclcg7560 · 2016-06-25 08:43 · Score: 0
  
  Ok, I take it back, "sometimes" I post as AC to make my self look better, but it's something generalized and dumb like "best comment ever", so everyone still knows it's me.
  Nope. I don't work that way.
6. Re: It should be obvious... by Anonymous Coward · 2016-06-25 08:50 · Score: 0
  
  *except when I'm forced to because my comments are the best. ;)
7. Re: It should be obvious... by __aaclcg7560 · 2016-06-25 09:02 · Score: 1, Offtopic
  
  *except when I'm forced to because my comments are the best. ;)
  Yawn...
8. Re: It should be obvious... by __aaclcg7560 · 2016-06-25 09:16 · Score: 0
  
  Stop talking to yourself, OP!
  I'm not the AC masturbating in public.
9. Re: It should be obvious... by Anonymous Coward · 2016-06-25 14:17 · Score: 0
  
  I hope you covered your mouth.
10. Re: It should be obvious... by Anonymous Coward · 2016-06-25 14:19 · Score: 0
  
  No, you delete your account, AC.
Telegram is still useful by Anonymous Coward · 2016-06-25 07:46 · Score: 0

How else would I wire a Western Union money transfer? Pony express doesn't cut it for me.
Wow. I'll definitely stop using it by Anonymous Coward · 2016-06-25 07:50 · Score: 0

And I'll even uninstall it. Now, WTF is Telegraph again?
Never Heard Of Any Of Theae by Anonymous Coward · 2016-06-25 07:54 · Score: 0

Who needs this instant messaging thing? The Bly person I know is mom, and I can just tell upstairs for her.
What about Telex by Anonymous Coward · 2016-06-25 07:55 · Score: 0

What about Telex. My company's business cards still have a Telex number on them.
Security by obscurity is fine by Anonymous Coward · 2016-06-25 07:58 · Score: 1

Publicly criticizing them and their users, is not.
1. Re:Security by obscurity is fine by NotInHere · 2016-06-25 08:11 · Score: 5, Informative
  
  Also, it does not at all apply here. Telegram not just publishes documentation how their protocol works, but it also releases the full source code: https://telegram.org/apps#sour...
  So even if the mtproto documentation would have a flaw or be not precise enough to fully specify the behaviour (and that often happens!), you could still look into the source code to find out what actually happens.
2. Re: Security by obscurity is fine by Anonymous Coward · 2016-06-25 09:01 · Score: 0
  
  Obscurity and published source. WTF...
Why I *do* use Telegram by NotInHere · 2016-06-25 08:04 · Score: 4, Interesting

Its the only messenger that:
1. can be used without gapps spyware
2. is halfway popular
3. has the source code released under a open source license
4. has authors who tolerate third party clients connecting to their server. This is not the case for Whatsapp, and also not the case for signal
Thanks to 1 and 3, telegram is available in the f-droid app store. This is why I use it, and I don't want to install software from third party stores like google play or sideload apps.
Yes, the encryption is not perfect, but I prefer that over having to install google spyware that would be required for signal for example.
1. Re: Why I *do* use Telegram by amiga3D · 2016-06-25 08:13 · Score: 3, Insightful
  
  It's not paranoia if they really are out to get you.
2. Re:Why I *do* use Telegram by Anonymous Coward · 2016-06-25 08:21 · Score: 0
  
  This, and actually I enjoy:
  - User-customizable sticker packs;
  - Bots;
  - Channels;
  - Any file format sharing;
  - Really, really easy interoperability between devices, desktop app, web app, etc.
3. Re: Why I *do* use Telegram by NotInHere · 2016-06-25 08:22 · Score: 1
  
  Well, if I were a dissident or something, then I wouldn't use telegram, but probably signal or something else.
  But I am more concerned about software freedom, and avoiding google proprietary apps on my phone. And for that, telegram is the only choice. There are other messengers which use proper encryption and value freedom as well, but they are even less popular than telegram.
  I do not say that telegram is perfect or that its encryption is safe (I can't tell for myself), but for me personally its better than signal or something else.
4. Re:Why I *do* use Telegram by Anonymous Coward · 2016-06-25 08:28 · Score: 0
  
  > 1. can be used without gapps spyware
  1) GCM client libs are open source. https://github.com/google/gcm You interact with GCM through a REST or XMPP API. You can trivially swap out GApps for one of the GCM-only alternatives, rebuild Signal, and point it to OWS's servers. (If you're building Signal from scratch and using it, rather than repackaging it and advertising it as something other than Signal, OWS is perfectly happy for you to point your client at their servers.)
  2) If you're concerned about traffic analysis, *anyone* between you and your conversation partner can snarf that data. Signal (and others) protects your conversation contents, not your addressing information. Thwarting a dedicated traffic analysis adversary is *very* hard, and Signal (and every other such messenger) has *always* claimed to protect only conversation contents, rather than addressing information.
  3) If you don't trust Google enough to send securely-encrypted data through their data shipping service, you should absolutely *not* be using an OS that they author. After all, GOOGLE HAS ROOT on EVERY Android image that they sign and has authored an ENORMOUS quantity of the code running as root in any Android image.
  Seriously.
5. Re: Why I *do* use Telegram by HornyBastard · 2016-06-25 08:51 · Score: 1
  
  Just because you're paranoid, it does not mean they are not out to get you
  
  --
  Death has been proven to be 99% fatal in lab rats.
6. Re: Why I *do* use Telegram by johanw · 2016-06-25 09:14 · Score: 5, Informative
  
  You could always use Silence (https://github.com/SilenceIM/Silence): it is a fork of Signal that uses only sms/mms, so no gapps required or used. They forked after Signal dropped the encrypted sms option.
7. Re:Why I *do* use Telegram by NotInHere · 2016-06-25 09:26 · Score: 1
  
  1) GCM client libs are open source. https://github.com/google/gcm You interact with GCM through a REST or XMPP API. You can trivially swap out GApps for one of the GCM-only alternatives, rebuild Signal, and point it to OWS's servers. (If you're building Signal from scratch and using it, rather than repackaging it and advertising it as something other than Signal, OWS is perfectly happy for you to point your client at their servers.)
  Maybe OWS would agree with that, but would google? Is use of the GCM service legal if you don't have a valid gapps license?
  Also, I don't really know where OWS draws the line, whether a howto posted somewhere on the internet how to download + build without gapps is okay, or whether pushing the modifications to a git repo somewhere is okay. At which degree does it become a separate "product"?
  Also, if you donwload via git and build it yourself with your own modifications, then its surely harder to update than if you just download the updated version from some fork, which may be updated in a faster fashion. Lagging behind is the major critique points of forks by moxie.
  Also, part of the reasons why OWS doesnt want an f-droid build of the app apply for "download from upstream git + do the modifications yourself" as well: you can always switch to older versions.
  
  2) If you're concerned about traffic analysis, *anyone* between you and your conversation partner can snarf that data. Signal (and others) protects your conversation contents, not your addressing information. Thwarting a dedicated traffic analysis adversary is *very* hard, and Signal (and every other such messenger) has *always* claimed to protect only conversation contents, rather than addressing information.
  I am not against sending addressing information to OWS, but I am against sending addressing information to google. It will end up in the government's hands any way, but OWS won't use the info for ad profiling and similar things. Google is fairly nice with the data of its users, but still i prefer to not hand it over in such a dependent way.
  
  3) If you don't trust Google enough to send securely-encrypted data through their data shipping service, you should absolutely *not* be using an OS that they author. After all, GOOGLE HAS ROOT on EVERY Android image that they sign and has authored an ENORMOUS quantity of the code running as root in any Android image.
  There is a difference between sending unique ids to a service which google owns, and using their operating system. I doubt that google has any reason to put backdoors or something into its source code.
8. Re:Why I *do* use Telegram by Anonymous Coward · 2016-06-25 09:56 · Score: 0
  
  > Is use of the GCM service legal if you don't have a valid gapps license?
  Yes. Read the official GCM (now called FCM) docs.
  > At which degree does it become a separate "product"?
  When you make significant changes to it and ship it to others. Switching from GApps to another GCM interface library isn't a significant change. If you're really interested in the answer to your questions, you can do a bit of digging to find the relevant GitHub Issues where Moxie has spoken about the issue.
  > if you donwload via git and build it yourself with your own modifications, then its surely harder to update than if you just download the updated version from some fork, which may be updated in a faster fashion. Lagging behind is the major critique points of forks by moxie.
  Set a cron job to "git pull master" once an hour and send you a message when there are changes. You could even have the cron job merge the changes and build a new image for ya, too. Don't forget that the situation I described is *you* building a GApps-less version of Signal for your own *personal* use. You can use all *sorts* of automation to make keeping up with changes trivial when you don't have to worry about keeping other people's systems up-to-date.
  > I am not against sending addressing information to OWS, but I am against sending addressing information to google.
  Remember that you don't have any sort of formal relationship with the admins of the networking equipment that lies between you and your conversation partner. When you use The Internet, you reveal your intent to communicate with a remote party to your ISP, their ISP, and every single network operator on the Tx and Rx paths between those two points. (Using a VPN only has the effect of changing who your ISP is.)
  I bet you a million dollars that at least *one* of the operators between you and most any other conversation partner is *significantly* less trustworthy than Google. *cough* https://en.wikipedia.org/wiki/Room_641A *cough*
  > There is a difference between sending unique ids to a service which google owns, and using their operating system. I doubt that google has any reason to put backdoors or something into its source code.
  Sing it with me: "If you don't trust Google enough to send securely-encrypted messages through their data shipping service, you don't trust them enough to run an OS on which they have ultimate control and -if they aren't trustworthy- can see everything you do.". Any other position is so inconsistent as to be nonsensical.
  Also: If Google *actually* isn't trustworthy, what's to say that Android(TM) images don't contain baked-in spyware that's not included in the AOSP repo? I mean, that's *really* what people's objections to the Google Apps package boils down to. So, refer back to the song in the previous paragraph.
9. Re: Why I *do* use Telegram by Anonymous Coward · 2016-06-25 10:21 · Score: 0
  
  "...it is a fork of Signal that uses only sms/mms"
  > Complains that Google might perform conversation metadata analysis on securely-encrypted conversation data packets
  > Uses a data transfer method that the FBI, NSA, and anyone else with access to the SS7 network can intercept and retain *forever* _without a warrant_, because SMS and MMS are "just metadata".
10. Re:Why I *do* use Telegram by Anonymous Coward · 2016-06-25 10:27 · Score: 0
  
  Signal. Signal. Signal.
  Did you even read the entirety of the quoted blub, let alone explore any of the links?
11. Re: Why I *do* use Telegram by Koen+Lefever · 2016-06-25 11:22 · Score: 1
  
  It's not paranoia if they really are out to get you.
  That's not Telegram but Telefon.
  
  --
  /. refugees on Usenet: news:comp.misc
12. Re:Why I *do* use Telegram by maztuhblastah · 2016-06-25 13:48 · Score: 2
  
  You mean aside from Silence, which
  1) Is entirely open source.
  2) Is based on SMS, not IP (plus or minus, depending on whether you view SMS as being the more universally-available transport in your area)
  3) Does not have a central server.
  4) Supports easy, in-person key exchange.
  5) Requires no Google anything, and is the default messaging app for several Android spins that have no Google integration.
  
  --
  The real litigious bastards...
13. Re: Why I *do* use Telegram by corychristison · 2016-06-25 14:18 · Score: 1
  
  I use Telegram for.convenience. Not because sharing gifs with my wife needs to be ultra secure, or anything.
  Having clients available everywhere is what got my attention also the fact it "Just Worksâ" for my needs.
14. Re:Why I *do* use Telegram by NotInHere · 2016-06-25 15:19 · Score: 1
  
  Yes. Read the official GCM (now called FCM) docs.
  You seem to know the situation far better than me, so its probably easier for you to navigate around. Can you give a specific link or something?
  
  you can do a bit of digging to find the relevant GitHub Issues where Moxie has spoken about the issue.
  It would be best to have a list of stuff moxie right now considers as okay or not somewhere on github or sth, his opinions on matters do change. If he said something three years ago then that may be something completely different.
  Probably the advantage is on my side, due to me doing the customisations just for me, I probably succeed to stay under the radar, and won't get noticed by any of the OWS people. Still, I'd prefer to be on the "green" side rather than relying on a patchwork of hacks.
  
  Set a cron job to "git pull master" once an hour and send you a message when there are changes. You could even have the cron job merge the changes and build a new image for ya, too. You can use all *sorts* of automation to make keeping up with changes trivial when you don't have to worry about keeping other people's systems up-to-date.
  This might be the kind of thing that gentoo and lfs users do like to do, but I do not. I am more the debian style person where the distro provides me with a build that has been aligned with some criteria. The f-droid criteria are very minimal, they only require the app to be fully open source. But moxie seemingly rejects it because he thinks the criteria aligned build is another product, and because he doesn't like some aspects about f-droid.
  I mean its perfectly fine if there is no signal app in f-droid. If moxie doesn't want an app to connect to his network service for any reason, then that's his choice as the owner of the network service. Its against the thought of the open internet and many things that were developed there, but I also understand that maintaining and scaling the service costs money, and this whole "developing protocols" argument. I'd say as long as third party builds of signal are in a tiny minority, it won't matter much for the service to do hard breaks of the protocol, forcing the maintainers of the third party builds to update it, but seemingly moxie has another position on this.
  I mean before he interacted with cyanogen, which he had a contract or at least a deal with. But to third party open source projects he can be as mean as he wants, and suddenly migrate all the service infrastructure, without asking or waiting for those third parties. As he is in control of most of the network, nobody will really care.
  But I won't use signal. I've had an app with custom patches applied before, and from that experience I know that updating it isn't really joyful. Maybe its different for gentoo users. I'm not one of them.
  
  what's to say that Android(TM) images don't contain baked-in spyware that's not included in the AOSP repo?
  I am not using manufacturer provided ROMs, but third party ones where the sources are all available. I trust the third parties, just as I trust my linux distribution vendor. You need a trust anchor *somewhere*.
15. Re:Why I *do* use Telegram by NotInHere · 2016-06-25 15:29 · Score: 1
  
  Well SMS has lots of bad properties, one being that lots of bad guys have access to at least metadata.
  Also, it costs money. If you tell your contacts "look this costs money", they surely won't like it.
  SMS is alot like the CA system in many ways: outdated, overpriced, old, insecure and broken.
16. Re:Why I *do* use Telegram by MRZA · 2016-06-25 16:02 · Score: 1
  
  Why I don't use Telegram:
  It knows my phone number. All this crypto is useless then you are not anonymous.
  It's centralized. It's very bad idea to use centralized services because it's a weak point. Use only federated services.
17. Re:Why I *do* use Telegram by NotInHere · 2016-06-25 16:18 · Score: 1
  
  Well yes anonymity is a problem about phone numbers, but they are really convenient to use for most users. Their whole address book can be re-used if you have the phone number.
  And about centralisation: centralized services are as well more convenient for the users. With federation you will need an @ some way or another (or you will get totally randomly generated usernames, which is shit too). The only escape here seems to be namecoin, but then your address info is public, which maybe is something not everybody will want. Also, namecoin is a giant energy waste, and more than 90% of the bitcoin hashing power is controlled by less than 15 chinese individuals, so it isnt really distributed either these days.
18. Re:Why I *do* use Telegram by Anonymous Coward · 2016-06-25 18:16 · Score: 0
  
  telegram is spyware by usa sends everybody straight to nsa.
  whatsapp is facebook shit.
  skype is ms shit.
  chatsecure, tor messenger, signal aint bad but are still relatively centralized and weak to some things.
  tox.chat is also interesting.
  so is guardianproject stuff.
  ricochet is what you should be trying out these days.
19. Re:Why I *do* use Telegram by derrickoswald · 2016-06-25 18:21 · Score: 2
  
  Is it just me or does anyone else view the timing between these reports and Google I/O a month ago launching Allo a little suspicious?
  
  Alphabet marketing person: "Yeah, it would be good in the timeline if there was a review the month after I/O, to legitimize Allo as one of the major players in the messaging App space."
  Intercept editor: "The optics wouldn't be good if it was just a review of one App. We could do a comparison of the 'top ten' Apps."
  Alphabet: "Make it the 'top three'."
  Intercept: "We would have to have the review about security then, otherwise we couldn't legitimately include Allo."
  Gizmodo editor: "We could follow up with articles about the ones excluded, like FB Messenger and Telegram."
20. Re:Why I *do* use Telegram by MRZA · 2016-06-26 00:34 · Score: 1
  
  I thinks it's a security problem if such apps have access to user's phonebook. On Android I always deny apps from accessing my phonebook. Why do they want to know my contacts? They shouldn't!
  
  In case of XMPP your username looks like yourname@someserver.tld. Looks like email. I see no problem here. Random IDs just give you more anonymity. You always have a choice.
21. Re: Why I *do* use Telegram by Anonymous Coward · 2016-06-26 04:10 · Score: 0
  
  You've got a kind of perfectionist fallacy going on here. I'm not installing GAPPS onto my Replicant OS. Now fuck off.
22. Re:Why I *do* use Telegram by Anonymous Coward · 2016-06-27 02:20 · Score: 0
  
  Use conversations
  - open source
  - open protocol
  - many open clients available
  - federated
  - many public servers online
  - many open server implementations available
  - already a big user base
  - support pgp, otr and axolotl encryption
All right! by 93+Escort+Wagon · 2016-06-25 08:39 · Score: 0

We can all just re-post pretty much the exact same comments we made a few days ago! Woo hoo!

--
#DeleteChrome
1. Re: All right! by Anonymous Coward · 2016-06-25 09:02 · Score: 0
  
  One of the comments noted that the same criteria (end to end encryption by default) was used to disqualify Telegram while not affecting the inclusion of Google's product which suffers from the very same feature.
  The purpose of this and that previous article is obvious.
2. Re: All right! by johanw · 2016-06-25 09:20 · Score: 1
  
  Yes, that's obvious an advertisement. However, I think "Allo" will become just as popular as Google+ or Hangouts - both have ignorable market shares in the messenger market. At lease Telegram has something of a user base. Signal is nice but their user base is too small yet. Fortunately WhatsApp uses their protocol now.
3. Re: All right! by Anonymous Coward · 2016-06-25 09:33 · Score: 0
  
  It is more than an advertisement:
  "Telegram has delivered everything that the government wants."
  Meanwhile we have Google Groundwork helping Hillary steal the presidency.
Asinine headline by goombah99 · 2016-06-25 09:11 · Score: 1

DOn't we get enough one-weird-trick, and you-wont-believe-what-happened-next headlines elsewhere. Et tu, Slashdot?

--
Some drink at the fountain of knowledge. Others just gargle.
Bullshit by Brethil · 2016-06-25 09:20 · Score: 1, Informative

I'll just leave this here. https://telegram.org/faq#q-how...
bah. by Anonymous Coward · 2016-06-25 11:48 · Score: 0

Reads like a hit piece.
So you have to push a couple settings buttons. Big deal. In 'secret chat' the msgs arent stored anywhere while also being encrypted. Should be default, but whatever.
For gizmodo, of all places (gawker, adspy shithole) to come down on telegram is absurd.
STOP USING WHATSAPP AND SKYPE. USE TOX TODAY. by Anonymous Coward · 2016-06-25 12:56 · Score: 0

https://github.com/tux3/qtox
Security + P2P style app. Windows, Android and Linux.
But I can't! by Anonymous Coward · 2016-06-25 16:30 · Score: 0

But I can't, there's no way I can stop using it.
BTW, WTF is telegram?
Better headline by dbIII · 2016-06-25 16:34 · Score: 5, Funny

Why You Should STOP Using Telegram Right Now STOP
Has the NSA some problems to sniff on Telegram? by Anonymous Coward · 2016-06-25 20:50 · Score: 0

I have the feeling that this has been made up by someone to weaken the spread of Telegram. If their encryption is so insecure, why haven't they brought out software or tools that proof it? They didn't because by now they haven't been able to do it. Home made encryption can be as secure as any other.
No secure chat via computer, only phones by GrBear · 2016-06-25 23:51 · Score: 1

I'm still curious why the option for "secure chat" in Telegram only exists for handsets, but not the desktop apps.
1. Re:No secure chat via computer, only phones by Anonymous Coward · 2016-06-26 00:44 · Score: 0
  
  It's there in the official Mac app, I use it daily. No idea why they didn't implement it on Windows.
2. Re:No secure chat via computer, only phones by jours · 2016-06-26 03:09 · Score: 1
  
  Best explanation seems to be that they were concerned about portability of the chats between desktop and handset (they wouldn't be.) There are 3rd party clients that implement it.
  
  --
  This sig intentionally left blank.
3. Re:No secure chat via computer, only phones by Anonymous Coward · 2016-07-09 11:34 · Score: 0
  
  The Cutegram (http://aseman.co/en/products/cutegram/) Telegram client has secret chats too. Available for Windows, OSX and Linux
WhatsApp is far worse by Anonymous Coward · 2016-06-26 04:25 · Score: 0

It messes with about everything on my Android phone: images, calls, messages, contacts. Never had that with Telegram.
Telegram is also nice to use on a PC and/or tablet and great to share images and files.
According to the FAQ's all chats are already encrypted, you can activate an extra layer to get end-to-end encryption (secret chats).
Crypto-snake-oil claims are overstated by Anonymous Coward · 2016-06-26 05:43 · Score: 0

I would prefer Telegram use the Textsecure protocol, too, but "homegrown," "fatal flaw," and "no proof of security" all go too far.
- it is "homegrown" in that it was written by a couple smart guys and reviewed by a lot more, just like Textsecure. Basically Textsecure guys have more friends than Telegram guys, so a bigger name when they say "I reviewed it," and more cryptographers willing to "review" it which is basically vouching for it. Certainly you will get famous for finding a Telegram flaw, so I'm sure many grad students have reviewed it, just not "reviewed" it. I think vouches from fashionable cryptographers are a legit security advantage, but it's also a cool-kids-club. There is a mailing list exchange somewhere I can't find where Marlinspike "reviews" Telegram and can't find anything substantively wrong with it, but tries to make it sound like he can by repeatedly calling for more reviews, and pointing at things and saying "well you didn't do what I did here, so you're using less fashionable crypto which should be considered dubious"---less fashionable == not what we did, is basically a tautology because crypto is dominated by big names, and Trevor Perrin / axolotl is in fashion this half-decade. Telegram guys were arguing a lot more fairly on this thread, while Marlinspike played to the peanut gallery, and I say that as someone who doesn't use their app and does use Textsecure. Maybe someone can find this mailing list thread? I can't. :(
- yes, roll-your-own is a "fatal flaw," but the phrase makes it sound like there is already a known exploit when there isn't. iMessage has the same fatal flaw. And we have only Facebook's word that WhatsApp really uses textsecure's protocol, with some suggestions it doesn't ("same key for every user"): https://www.reddit.com/r/Android/comments/3sq4c3/whatsapp_reneges_on_their_promise_of_true_message/ so again, they are really picking on the Telegram guys, throwing every piece of shit against them to see what will stick.
- "no proof of security"---there is no such thing as "proof" of security. There are proofs of correctness for programs, which would mean assuming the crypto primitives behave in some abstractly ideal way, of which we have no proof.
It is really unfair to Telegram.
Unfortunately for them, who cares? I see no reason we should be fair to them, other than to practice arguing fair generally because it's a good skill to have. But Telegram is a silly proprietary app. "Chat concepts" have little value compared to network effects, which means that fully open should be the #1 requirement obliterating all others. Even Textsecure is too closed because the federation isn't automatic like it was for XMPP, and there's no good reason for this limitation other than their (also app-fashionable and broken) insistence on the phone number namespace. but Telegram is even more closed: they are trying to build a following and get famous by trapping people in their walled garden. Fuck all these people. Don't use Telegram, but the #1 reason to not use it should be "no client source, no federation," and #2 reason could be, "not using the era's most fashionable and thus best studied crypto solution to a very simple problem, when they should."
1. Re:Crypto-snake-oil claims are overstated by RockDoctor · 2016-06-26 07:21 · Score: 1
  
  Given a choice between the advice of an AC and the advice of every encryption specialist I've heard of since Phil Zimmermann wrote his "snake oil" warnings in 1991 ... you know, I think I'll pass on the AC.
  
  --
  Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Yeah STOP OMG STOP PLEASE! by GeekWithAKnife · 2016-06-26 09:18 · Score: 1

Remember, Telegram only promises high grade encryption for Secret Chats.

This is something you get for free with Telegram and no big corporation can spy on you.

Sorry, you should be very upset about the lack of spying in Secret chats. Stop using Telegram right now before you continue!

You should immediately use WhatsApp which uses your data in ways that will make you shit yourself.

Oh, and also; PLEASE PLEASE PLEASE stop using Telegram. A huge consortium of eaves dropping government bodies and gigantic greedy corporations know what's best for you.

Thank you for your cooperation netizen.

--
A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
Why trust Facebook or Google? by Anonymous Coward · 2016-06-26 21:21 · Score: 0

I'm sure both Facebook and Google collect information on your conversations before they are encrypted since both are known to gather information for third parties as well as the NSA. They also gather your contact list and metadata on who you have conversations with.