Everything wrong or weird about this publication

• Why Telegram is insecure?

Links: tgbeta/3386 | tgbeta/3393 | Twitter | Screenshot Twit | GitLab | GitLab Webcache | Plagiarism

• Everything wrong or weird about this publication

The original page was deleted by edu4rdshl (gitlab repo owner). Screenshot.
The Google cache for this issue #2 is not available, only issue #1 still remain.

January 6, 2019
by Rickyy

edu4rdshl: MTProto is not IND-CCA secure

Telegram by now is satisfying the conditions for IND-CCA.

In this paragraph you are writing that Telegram is not IND-CCA secure.
This is not true anymore by now. The paper you are linking is from 2015. Telegram is by now using MTProto v2 which indeed satisfies the conditions for IND-CCA.
It's even explained in their FAQ.

In MTProto v1 the protocol did not satisfy the conditions for IND CCA - see here

January 6, 2019
by Merlin

There are LOTS of things wrong with this paper. I will point out everything I find here.

edu4rdshl: Telegram use phone number

Signal as well only works with a phone number. You name signal as a better solution, while it has EXACTLY the same only optional protection. Additionally, in Telegram you can set a complete password while on Signal you can only set a Pin-Code, which in the end provides significantly less options to bruteforce and eliminates the possibility to use a password manager to generate a super-secure password.

edu4rdshl: Cloud Messaging

Yes, it's true that this is not the most secure way to do things, but you forget to mention one thing: Cloud Messaging is the main USP for Telegram. It is the sole reason why many of telegram users even start using it. If you want to provide additional security, you have the option to use secret chats, if you want the cloud messaging (which, again, is the reason why people use telegram), you use normal chats.

edu4rdshl: The most likely case is that people will make the mistake of clicking on the contact they wish to speak to

Here you are speculating. As stated above, using normal chats is nothing that users accidentally do. It is what they want to do. If you click on a profile, there is a prominent, colorful text "Start secret chat". This leads to users clicking on it and reading about what secret chats are. Every telegram user knows, secret chats exist. It is nothing they accidentally miss.

edu4rdshl: through the multi step process of setting up a "Secret Chat".

If you start a chat with someone, you have the option to click on the chat symbol, or on the "start secret chat" link. It is literally the exact same amount of steps needed.

edu4rdshl: (optional on iOS)

Also optional on Android. Just click no and don't give Telegram access to your contacts. Additionally, this is again the same for signal.

edu4rdshl: Voluminous Metadata

This whole section makes no sense. As you said in the first sentence, "Anything using a mobile phone exposes a wide range of metadata". Instead of mentioning that this metadata can just as easily be compromised on signal or threema servers, you just say it as if it would be a telegram specific problem.

edu4rdshl: Google's messaging services

You can disable the use of google's messaging service if you use the FOSS version (which a guy caring so much about security as you uses anyways).

edu4rdshl: If I were a gambling man

Stop speculating.

edu4rdshl: on by default in not encrypted chats

There are no "not encrypted chats". Thanks, Rickyy

edu4rdshl: Can they read your messages still if you are using "Secret chats"? (Not sure but is a edge case).

Of course not. If you write a link, telegram sends a small request with the link text to the TG servers and you get a response with the preview. This is the most obvious thing. And Telegram is Open Source, just check it for yourself.

Doing the preview this way is way more secure than what other messengers do by generating the preview on device. By the preview being generated on the Telegram servers, your IP is not exposed to any servers. Other messengers that generate the previews on-device, expose your IP to the server behind every single URL you get send. https://www.bellingcat.com/resources/how-tos/2019/01/04/how-to-blow-your-online-cover-with-url-previews/ (Thanks Maciek and Rickyy)

Just as well to mention is that this is not a simple "Yeah it would be better to opt-in here" opt-in, but telegram is actively telling you that this exposes stuff you send to the chat and makes the chats less secure.

edu4rdshl: Local storage not encrypted

Or if you set up a pin/passcode.

edu4rdshl: MTProto

I am no security expert, so I am not able to respond to everything said on your end. But you are clearly referencing to the very outdated MTProtoV1 which is not used anymore. Nowadays telegram is using MTProtoV2 which does not have the problems you pointed out anymore. https://core.telegram.org/mtproto

Yes, Telegram is less secure than End2End encrypted Messengers. That is not a disadvantage, it is the design of the app. Telegram is a cloud messenger and is the most secure cloud messenger out there. Comparable messengers are not Signal or Threema, but Facebook Messenger, Instagram, Snapchat, Google Hangouts and so on.

Telegram is not completely insecure. It is less secure. It provides enough encryption for the general public to be a completely viable messenger while giving the option to make a secure end2end encrypted conversation if needed. There is nothing wrong with using Telegram. Additionally, Telegram is not selling your metadata to advertisers as competitors like WhatsApp do (yes, I know you didn't mention WA in your text and I respect you for that. Many people only say "WA uses the same encryption as Signal, so it's good to use")

Additions:

As p0358 points out, Telegram users have the possibility to create username. Telegram does not share your phone number with anyone when using it, without you knowing. This is also true for group chats, where in other messengers (I don't know about signal and Threema) your phone number is shared to everyone in the group with no way around it. Telegram gives you the option to communicate with everyone in every way without knowing their phone number at all (which is not possible in e.g. Signal, where you need the phone number of the other party to start a conversation).

If anyone has other stuff that should be added, feel free to comment and I will add it to this text, so that there is one complete text of issues with the publication.