Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Intelligence Agencies Tried To Bribe Our Developers To Weaken Encryption, Says Telegram Founder (twitter.com)

Posted by msmash on from the revelations dept.

In a series of tweets, Pavel Durov, the Russian founder of the popular secure messaging app Telegram has revealed that U.S. intelligence agencies tried twice to bribe his company's developers to weaken encryption in the app. The incident, Durov said, happened last year during the team's visit to the United States. "During our team's 1-week visit to the US last year we had two attempts to bribe our devs by US agencies + pressure on me from the FBI," he said. "And that was just 1 week. It would be naive to think you can run an independent/secure cryptoapp based in the US."

Telegram is one of the most secure messaging apps available today, though researchers have pointed flaws in it as well.

4 of 135 comments (clear)

  1. Don't trust US by qbast · · Score: 5, Informative

    Keep that in mind. If you are using VPN/encryption tool/secure communication network/etc. created by US based company, it is very unlikely that it is actually secure.

  2. Don't trust proprietary protocols by Cajun+Hell · · Score: 5, Informative

    It's not really about the US; the US government's behavior is merely helping to illustrate the deeper errors made by the users.

    If you are using VPN/encryption tool/secure communication network/etc. created by US based company, it is very unlikely that it is actually secure.

    More generally:

    If you are using an app created by a company, which is only compatible with itself rather than complying with a public spec, it is very unlikely that it is secure. (It's also pretty unlikely that it won't suck in other ways too.)

    Stop talking about apps, and start talking about protocols. Answer the "which of these apps works best for me?" question later, after protocol selection. If telegram doesn't work with anything else except telegram, then you can be pretty sure that telegram is the wrong choice.

    --
    "Believe me!" -- Donald Trump
  3. Comment removed by account_deleted · · Score: 5, Informative

    Comment removed based on user account deletion

  4. Re:Many eyes theory is mostly a myth by drinkypoo · · Score: 5, Informative

    Published source makes it a lot easier to spot problems with the code.

    Demonstrably false in most circumstances. Just because the code is available does not mean competent people are looking at it and finding bugs.

    Your logical fallacy is moving the goalposts. GP didn't claim that it meant that problems would be spotted.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"