← Back to context

Comment by dakolli

4 hours ago

Telegram has nothing to do with Russia, other than having a Russian founder, and the Ukrainian military has literally relied upon it in the past, along with many Ukrainian civic services. You people are just racist towards Russians and need help.

Based on the analysis of packet captures above, I believe it is clear that anyone who has sufficient visibility into Telegram’s traffic would be able to identify and track traffic of specific user devices. Including when perfect forward secrecy protocol feature is in use.

This would also allow, through some additional analysis based on timing and packet sizes, to potentially identify who is communicating with whom using Telegram.

I love how the author of your honeypot blog post has nothing concrete other than potential attack vectors and is like "Well this is obviously a Russian honeypot" with no evidence what so ever other than a claim that there are plain text device identifiers, which is something the FSB would do. [insert clown emoji]. You can do similar attacks on signal and whatsapp.. Why is it that the Russian one bothers you so much?

>Ukrainian military has literally relied upon it in the past

Well they realized their mistake and banned Telegram's use on state issued devices in 2024 https://www.bbc.com/news/articles/c78dwepw95do

I'm not going to speak for the author of that article. But I agree with his conclusion. Telegram is indistinguishable from a honeypot.

In the world of infosec, stuff isn't secure until someone proves you wrong (which you reject assuming racism). Stuff is secure when you prove it's secure.

Practically every major secure messaging app vendor has proven they can not be a honeypot, by end-to-end encrypting their communications, offering open source clients with public key fingerprints to verify that end-to-end encryption is working correctly.

Telegram hasn't done that. Telegram's lack of end-to-end encryption, paired with zero effort for metadata protection (not even stuff like sealed sender) shows they don't give a damn about actual security.

But what they do is also what an FSB op would do.

* It would advertise "heavily encrypted" and bash WhatsApp day after day convincing average Janes and Joes about it being really really secure, and confuse readers who take a closer look, with claims of all chats using MTProto but also calling both client-server and end-to-end encryption protocols MTProto.

* It would construct a narrative that the face of the app is a rebel dissident in exile.

* It would be banned temporarily or poorly

* It's role would be obfuscated by releasing an obviously backdoored app like Max, to make Telegram seem safe compared to it. Like Russian intelligence really believed they could use Max to monitor Russian dissidents. FSB isn't dumb. Russian military deception is world famous. https://en.wikipedia.org/wiki/Russian_military_deception

The backdoor sits in the fact nothing is end-to-end encrypted, groups can't be E2EE, but troll army can still defend it, claiming it does have 1:1 E2EE if you want. Yes, it does, if you really want the highest friction UX possible. People try and drop secret chats when they want to be able to alt-tab into the conversation instead of digging into their phones 100 times a day. This backdoor is ingenious because the users can only blame themselves when their 1:1 messages end up to the server.

A good messaging app creator knows this, so they make E2EE default so that users don't encounter such friction. E.g. Signal allows you to have E2EE 1:1 and group chats between all of your devices. That's what proper privacy by design looks like. Would Telegram do that, they would've proven they stand for their users, and I'd actually recommend them.

Data is a toxic asset. Even if Telegram isn't a honeypot, it's a massive data collecting apparatus, that has all that data sit on its servers, from which the hacking team of any major intelligence agency can access it en mass. That's the life of 1B users worldwide. So ultimately, it doesn't even matter if Telegram is a honeypot, it's equally usable to https://en.wikipedia.org/wiki/Fancy_Bear or NSA TAO or whoever.

Also, https://dfrlab.org/2018/02/15/putinatwar-how-russia-weaponiz... shows Russian troll army is using russophobia as a narrative online.

This isn't about hating on Russians. This is about Durov not passing the minimum bar of what modern secure communication is about.

You've so far claimed telegram is the best with nothing to back that claim, ignored every counter argument, attacked argument of someone other than me, and you're now replaying Russian government shill tactics to try to rally people behind you for emotional reasons, when I'm explicitly giving technical critique.

  • The ban is just there so every village cop may have something against you if they need it.

    Besides that, they know and, as it seems, to be happy about it's wide availability and information.

    Having their own app, they obviously also use for their causes, is just a cookie for the patriots.

>You people are just racist towards Russians and need help.

That doesn’t exclude the statements about Telegram to be correct though. That is, if some hater against whatever group say 1+1=2 or water is wet, what’s the conclusion?

>You can do similar attacks on signal and whatsapp.

Well yes. Don’t trust devices, they are not humans, they don’t qualify. They can at most have some degree of reliance for some purpose. But assuming that all devices out there are powned by some external parties is a rather sound security baseline approach.

>Why is it that the Russian one bothers you so much?

One don’t need to bother more on any specific oligarchy really, they all use their fellow humans like disposable pawns.

  • > You people are just racist towards Russians and need help.

    >> That doesn’t exclude the statements about Telegram to be correct though.

    just attack the telegram from the technical standpoint, then no complains about "racist towards russians" will be given. Like, mentioning the lack of user-friendly E2EE is great already. Saying things like "Durov who supposedly lives in exile has visited Russia over 50 times" is meh. How can one intepret it in any other way is "Russia is evil and visiting Russia is thus evil"?

    and regarding the cracking contests — one of the telegram bugs was actually uncovered this way, see https://habr.com/ru/articles/206900/

    • > How can one intepret it in any other way is "Russia is evil and visiting Russia is thus evil"?

      Simple: Durov has no problem with constructing a narrative that has little to do with reality.

    • > How can one intepret it in any other way

      As noise. The fact it's xenophobic or some other kind of noise is just implementation details at that level.