- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
You must log in or # to comment.
The two decisions Telegram made (choice of infrastructure provider who happens to cooperate with the Russian FSB, and attaching a cleartext device identifier to encrypted messages) taken together reinforce surveillance capability of the FSB considerably more strongly than either of these decisions would have on its own.
What jurisdiction does the FSB have over you? None, and it has zero interest in helping those that do. This is the rationale for not worrying about backend security on Telegram. Transport security is a another question.
Assuming everybody in this community is an nth-generation American citizen, maybe the FSB itself doesn’t endanger you. But this blog post was not written with only you in mind.
I would encourage you to read more than the title of a blog post before you critique it. At least skim around. 😉
I’m not American. The fact is that the FSB is only a threat to those with Russian citizenship or who live within the Russian Federation. Let’s be real: that’s not the vast majority of people reading this.
I would encourage you to read more than the title of a blog post before you critique it. At least skim around.
Thank you for the condescending advice, and you’re correct that I didn’t read it - but in this case, why would I bother? The argument is right in the title, it’s been made a hundred times before, and apparently needs refuting 100 times too. There are reasons for Westerners not to use Telegram. This isn’t one of them.
The fact is that the FSB is only a threat to those with Russian citizenship or who live within the Russian Federation
Two things:
- Your focus on FSB this, FSB that is based on your refusal to read past the title
- Maybe you missed it, but Russia is engaged in a war of aggression against Ukraine (a country where people use Telegram). Not only is this a good reason for Ukrainians to not use it, but the post makes a compelling case that nobody should (see: network effect).
There are reasons for Westerners not to use Telegram.
And if you read the blog, you’d have seen them.
It’s hard not to be condescending when you proudly wallow in self-induced ignorance.
Telegram’s dangers extend not just as far as Russia’s sphere of influence, but also the spheres of influence of every country that has secretly been collecting data with their express assistance. We discovered recently that Pavel Durov was hiding this fact for a long while…
The article unfortunately isn’t much better when read in it’s entirety. A unique identifier is sent along with an encrypted payload. The entire set is then encrypted again in transit. But the author claims the identifier is sent “cleartext”.
This coupled with repeated “russian bad” comments peppered throughout. Article is bad.
The entire set is then encrypted again in transit.
Citation? The author of the article provides theirs, and a cursory glance at the chart that telegram themselves provides reveals that the authentication key is not encrypted at all.
Here’s the part of the article you may have missed that clarifies why that’s actually a huge issue:
This enables anyone who has sufficient network visibility and a bit of dedication to identify traffic originating from a given user device.
IStories found evidence that all network communication to and from Telegram’s infrastructure go through a company linked to the Russian FSB. This would provide the kind of network visibility that combined with auth_key_id would allow it to identify traffic coming from specific users, globally.
Why exactly did Telegram create a proprietary messaging protocol that uses this “surprising and unnecessary protocol design choice, present neither in Signal nor WhatsApp”?
Maybe it was just a huge coincidence, compounded by other huge coincidences. You tell me. You have the opportunity to blow this article wide open.
Fsb serves dual functions intnernal and external like NSA/FBI and CIA
While it is less of a threat than your domestic spook Joe, it is atill a spook, ivan
