Comment by codedokode

3 years ago

[flagged]

I'd like to add that MTProto is impossible to MITM because there are no trusted third parties. The handshake that happens before the user logs into their account includes a step with RSA. The public keys for that step are hardcoded into clients.

To anyone who wants to complain about Telegram not encrypting chats by default and using "homebrew crypto" I'd like to say that it's XMPP we're discussing here. Telegram offers marginally better security than XMPP over TLS. The "homebrew crypto" is still not broken in 10 years and not for the lack of trying.

  • > Telegram offers marginally better security than XMPP over TLS.

    I think you should compare apples to apples, that is, end-to-end encrypted XMPP using OTR/OMEMO/PGP. However, I agree that many XMPP clients were UX disaster when using E2E.

    • End-to-end encrypted XMPP should be compared to Telegram's secret chats then. Both are opt-in and both aren't very popular among users of these services.

      1 reply →

    • XMPP over TLS is secure though. Of course that is for the transport as the name implies. The difference to e2e is the same. Although if one party of any e2e exchange is compromised, you would have similar problems.

  • > The public keys for that step are hardcoded into clients.

    Yeah, and the private keys are shared with Roskompozor.

The same Telegram that leaks your IP?

https://techcrunch.com/2023/10/19/telegram-is-still-leaking-...

  • And if you call someone, they can get your phone number!

    Your IP address is public. Stop treating it like a secret.

    • Why don't you post yours? ;) Open up a TCP server on port 13729 for verification.

      And no, your IP should not be made public in any modern chat app, that's ridiculous. The fact that Discord protects your IP from leaks is at least half of the reason it's so successful.

      2 replies →

  • > The popular messaging app Telegram can leak your IP address if you simply add a hacker to your contacts and accept a phone call from them.

    Peer-to-peer communication reveals people's IP addresses to each other, what a sensational revelation! By the way, water is wet.

    • Since Telegram claims to be a secure messaging app, while leaking private details and since you used to work at Telegram, maybe stfu.

      All voice can be E2E thru servers, like Signal does.

      5 replies →

Has Telegram been audited? Does it encrypt by default?

  • Did audit help Let's Encrypt to prevent issuing fake certificates? Such audit is useless. SSL infrastructure security is in a much worse state than Telegram's yet nobody seems to notice it. If any large ISP can issue fake certificates by doing MitM then this system is compromised completely. What's the point of having SSL if basically anyone can MitM it?

    To be honest, Telegram using homemade crypto instead of relying on standard approaches like CA certs turned out to be good solution in the end. Apps should stop trusting CA and should hardcode public certificates instead.

    • Apples and oranges? Let's Encrypt is a bandaid for a (possibly inevitable) architectural weakness, one serving browsers which must communicate with a world of unfamiliar servers. Telegram is a messaging app primarily meant for communicating among people and groups one already knows.

      Regardless, using open and verified cryptographic primitives is a best practice for a reason. As are audits. The likelihood any company can start from scratch and produce a flawless solution is a number approaching zero.

      I'd feel much more comfortable with something using Signal protocol. Ideally built from independently audited source.

Telegram? Not Signal or Matrix?

  • Signal has massive usability issues: requires a phone number, requires a primary Android or iOS devices, can’t register multiple Android or iOS devices, requires Google Play services for notifications unless you get the APK which drains your battery (a fork, Molly, no supports UnifiedPush tho).