Sign in / up

back to article Telegram Messenger delivers candygrams to stalkers

Mere days after opsec expert The Grugq warned that popular messaging app Telegram Messenger couldn't be regarded as secure, another researcher has demonstrated how its metadata leaks expose users to stalking. Over at Github, Ola Flisbäck offers up a depressing demonstration of just how easy it is to zero in on an individual by …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Shadow Systems

    A simple solution...

    <Crotchety Old Fossil quavering voice>Stop using all these newfangled protocols an apps an bunk.

    If the extension of a pseudopod to link biochemical electrical pulses between aeomeba was good enough for me, it's good enough for you young WhipperSnappers!

    *Shakes a palsied tentacle*

    Now get off my laaaaawn!

    </Senile Old Git>

    *Cough*

    I'll get my coat, it's the one with the Primordial Soup Crackers in the pocket.

    =-D

    6 4 Reply
    1. ashdav
      Reply Icon
      Thumb Up

      Re: A simple solution...

      You are either amanfromMars or you've been to the pub.

      Either way I claim my £5.

      4 0 Reply
  2. a_yank_lurker

    Who Wrote This?

    Telegram sounds like a semi-secure app some intelligence agency would write and release through a front. Create enough buzz in the right circles to get it adopted by the targets and set back and read the supposedly secure messages. Now which set of spooks wrote this who did they share it with?

    Probably many of us were not aware of the app's existence until very recently when apparently its cover was blown (deliberately?).

    4 1 Reply
    1. Voland's right hand Silver badge
      Reply Icon

      Re: Who Wrote This?

      Nope. It sounds like an IM app with encryption. All IM apps do a change status on going to/from foreground or shortly thereafter. They also do it to all contacts.

      Telegram makes things slightly easier by being a predominantly mobile app so the correlation between foreground and talking is significantly higher. Otherwise, however, it is no different from gtalk, the f***book messenger, etc with OTR2.

      0 1 Reply
  3. Your alien overlord - fear me
    Black Helicopters

    Perhaps this is a spooks snooper operation? Front man says it's secure and we can't give the spooks what they want even under court order (good publicity), that gets lots of bad people using it i.e. drug dealers/paedos which gets into the mainstream news (all publicity is good publicity remember), then even more bad people use it i.e. terrorists when it's shown that it can't be intercepted/cracked.

    But all along, certain people have been eavesdropping. The trouble is, they have the knowledge of to-be-commited crimes/atrocities but like when the British broke the Enigma code, if you foil all activities the oppostion know you've broken it. Even if it means members of the public will surely die, some people (unaccountable and acting in the National Security guise) believe that's acceptible.

    Personally I don't.

    4 0 Reply
    1. a_yank_lurker
      Reply Icon

      The basic problem with intelligence intercepts is how to use them without alerting the targets how you know. Fortunately for the spooks there is usually enough noise in the system for them to hide behind.

      Another problem, often overlooked, is intelligence intercepts are often incomplete in some critical manner. In the movie "Tora, Tora, Tora", US cryptographers had deduced accurately the Japanese were going to attack the US. But the decrypts of foreign ministry communications did not include military details about timing and location of the attacks. The problem the interpreters had was who were the initial targets and when were they going to be hit. This was actual historical problem, the US know something big was going down but did not know when and where.

      In WWII, the Admiralty Submarine Tracking Room used Enigma decrypts, traffic analysis, and shrewd guessing to anticipate the German moves in the Atlantic. The primary interpreter called his analysis "working fiction" because of the varying degree of guessing involved. Often it was shred guessing that was important. Enigma decrypts were erratic through WWII, with the Germans regularly changing the settings, number rotors, etc.

      3 1 Reply
  4. Anonymous Coward
    Anonymous Coward

    End-to-end encryption

    When companies yell the latest security-washing term 'end-to-end encryption', it's to draw attention away from the "meta-data" which they're legally obliged to leak to the government.

    3 2 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like