- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
Investigation by investigative journalism outlet IStories (EN version by OCCRP) shows that Telegram uses a single, FSB-linked company as their infrastructure provider globally.
Telegram’s MTProto protocol also requires a cleartext identifier to be prepended to all client-server messages.
Combined, these two choices by Telegram make it into a surveillance tool.
I am quoted in the IStories story. I also did packet captures, and I dive into the nitty-gritty technical details on my blog.
Packet captures and MTProto deobfuscation library I wrote linked therein so that others can retrace my steps and check my work.
You must log in or # to comment.
Also, AMA I guess.
What would you recommend as an alternative for the general non-technical population?
Matrix
I would most definitely not recommend Matrix for private or sensitive communication, no.
https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/
https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library/Matrix is fine as IRC replacement, it might also be a decent replacement for Telegram’s channels thingy, sure. But I would not trust my family photos to it. Much less anything actually important.
That guy again lmao why do “security researchers” keep recommending signal with that softheaded blog. Get real
I would most definitely not recommend Matrix for private or sensitive communication, no.
https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/
https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library/
Matrix is fine as IRC replacement, it might also be a decent replacement for Telegram’s channels thingy, sure. But I would not trust my family photos to it. Much less anything actually important.Regarding Soatok, I am prone to completely ignore impolite individuals. As far as my experience goes, and for most of the general populace, Matrix is fine. And it is likely to continue improving. Compared to Signal and Telegram, who both incentivize crypto"currencies", a.k.a. tech bro multi-level marketing pyramid schemes, enshittification has already begun.
Roy says: August 6, 2024 at 4:28 pm
Interesting post! I would be really interested in knowing your opinion on SimpleX Chat.Soatok says: August 6, 2024 at 4:55 pm
See, this is exactly the fucking problem. I never invited anyone to query me to look at YET ANOTHER fucking chat app. Yet this still keeps happening. Doing security reviews is labor. You’re asking me to work for free to satisfy your curiosity. This is annoying to do. I don’t have a fucking opinion about SimpleX. I don’t have an opinion about a lot of apps. If I want to share my opinion, I’ll blog about it WITHOUT being prompted. Until then, please stop asking.
By Post AuthorRegarding Soatok, I am prone to completely ignore impolite individuals.
Please feel free to ignore me as well then, because saying that technical analysis by an expert can be outright ignored just because the expert happened to be impolite that one time might make me become somewhat impolite.
Imagine getting dozens of randos in your replies asking about dozens of random chat apps. At some point I am pretty sure you’d also reach a breaking point. Some would call that kind of behaviour a bit impolite, I’d wager.
I’m not saying arguments necessarily become invalid because of impoliteness. But to me it doesn’t convey trustworthiness on first impression, especially when not knowing someone. The world / the Internet already contains so much toxicity, there’s no need for needless additional discord. Especially when encountering something frustrating on the Internet—as opposed to real life—it is trivial to just take a breath, go for a walk, and come back and respond peacefully. The simplest thing for Soatok to have done would be to ignore the message, or use AutoKey to paste a generic neutral response denying the request.
Soatak
Soatok. At least get the name right.
The simplest thing for [Soatok] to have done would be to ignore the message
Which also happens to be the simplest thing you could have done, even simpler as none of the toots you quote were addressed to you. Instead, you are dragging this one random exchange into this thread about something else entirely.
Why do you conflate politeness and trustworthiness? Seems like a weird connection to make.
That’s all FUD. Matrix is as secure as Signal if you - like Signal - rely on a single centralized server. Actually, since you can host it yourself, it would be even more secure since you don’t need to trust Signal.
(I defend infrastructure and perform hacks against cryptograph & protocols for a living)
My question was specifically about “the general non-technical population”. Do you expect my mom to even remotely understand what different servers are and why talking to me is securely encrypted but talking to her friends group isn’t? The point about secure software is that it needs to be secure by default or else, entry level users will manage to accidentally send their stuff in plain text and not even notice.
For nerds like us, I agree that Matrix is probably a good choice. For someone who needed to be told that “the internet” isn’t the blue “e” on their desktop… not so much. I’d rather send carrier pigeons than explain Matrix to my family.
My extended family use Matrix - including my elderly parents. It’s no more difficult to understand than any other service.
(I defend infrastructure and perform hacks against cryptograph & protocols for a living)
If you need to say it…
For the internet messenger functionality that would be Signal.
For other things (channels, mostly), anything that does not pretend to be end-to-end encrypted when it is not. A website with an RSS feed would be one trivial choice for channels that are open to anyone. Public communication like that has no business going through “platforms”.
This seems a bit convoluted as an explanation if I’ve understood it correctly. If Telegram as using a compromised hosting provider then you could have the strongest crypto in the world to prevent a man-in-the-middle from seeing the unique identifier for each device and it wouldn’t matter since they already who which user is which IP from the servers they control. They don’t stand to gain anything by exposing the unique string to MiTM attacks when they already control Telegram’s servers unless their goal is also to allow other countries to see which user has which IP too. It just seems like an incompetent implementation.
I hate it when I don’t know an acronym, but this one is particularly hurtful to my brain since everyone is saying “yeah, that link to the FSB was obvious glad someone demonstrated it.” So… I will just assume FSB=KGB and be done.
Anyway, most of our privacy “war fronts” are honeypots in one way or another. Take for example Tor network (high number of exit nodes are controlled). Except those apps or protocols that are truly decentralized (e.g. OMEMO in XMPP), these are good. But then again, they lag behind to our standards of “normal” Internet that connects us to the world, outside of our tiny circles of nerds.
Now, the thing with honeypots, is that they are there to catch some specific type of fly. If you were to use their network to take advantage of the features for anything that the “predator” behind doesn’t care, you’re fine. So, I will keep using Telegram for the memes and piracy channels…
From an OPSec perspective this is important news nonetheless and I will keep it in mind.
I hate it when I don’t know an acronym, but this one is particularly hurtful to my brain since everyone is saying “yeah, that link to the FSB was obvious glad someone demonstrated it.” So… I will just assume FSB=KGB and be done.
Russian FSB is the successor of the Soviet KGB, so yeah, that works.
Take for example Tor network (high number of exit nodes are controlled)
I substantiated my claims about Telegram by a pretty deep technical analysis. Mind at least providing a link for your pretty strong claim about Tor?
Except those apps or protocols that are truly decentralized (e.g. OMEMO in XMPP), these are good.
Nope. Decentralization is important from power dynamics standpoint, but can actually be detrimental to information security due to (among others) metadata and complexity.
Mind at least providing a link for your pretty strong claim about Tor?
I don’t have one. Thanks for asking, you made me actually reconsider the truthfulness of my own statement… I was just parroting back what I heard many times, years ago, among the people that attended a hacklab from the city I was living in back then.
Same goes with the ‘tip’ that said that Tor was initially funded by the US Military (which apparently is true, but then the project turn out to be independent.) These two “facts” were presented, and parroted back and forth in that space a lot.
It would be great to have real analysis knowing which data centers or actors have the biggest control of exit nodes. If there’s really a way to de-anonimyze any traffic from there.
PS. Since we are on the topic, another concern regarding Tor network is the possibility of correlation attacks. It always strikes me how ISP stops providing connection at ‘random’ if you were a frequent user. Pretty sure there’s legal forces behind it… but that’s my paranoia. Now those minutes or hours offline sprinkled here and there to my router were a fact. Anyway, the dark web is really full of a lot sick places. I’d rather just stay away from it entirely and use a VPN for my privacy when searching media and stuff. That’s a lesson I learned.
Thank you, it is refreshing to see someone honestly and earnestly engaging in a conversation about this. The “Tor is a honeypot” thing is very often an all but religiously held belief.
It would be great to have real analysis knowing which data centers or actors have the biggest control of exit nodes. If there’s really a way to de-anonimyze any traffic from there.
To truly and reliably de-anonymize Tor traffic, one would need to run over 51% of all Tor nodes. Since the US is not the only entity potentially interested in that (Russia and China might be as well), unless these entities coordinate and share data, they will thwart one another from reaching that kind of saturation.
Since we are on the topic, another concern regarding Tor network is the possibility of correlation attacks.
It might be possible to somewhat fuzzily reason about Tor users by observing traffic on both sides of the tunnel, using timing and packet sizes for analysis. But a). it is going to be very fuzzy; b). it requires global network observation capability. NSA might or might not have that to some extent, but they would not risk exposing that for anything but the most valuable targets.
I’d rather just stay away from it entirely and use a VPN for my privacy when searching media and stuff.
VPNs are a specific tool for a specific thing, they don’t “preserve privacy” in the general sense. You are basically trading ISP’s or local spooks’ ability to observe your traffic for VPN’s operator’s and the local spooks’ there ability to do so. In some cases it makes sense, in some – not so much.
Depends on your threat model.™
