Telegram Messenger - secure, free messaging for iPhone and Android

Discussion in 'privacy technology' started by lotuseclat79, Dec 16, 2013.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,101
  2. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    They are cloud based...
     
  3. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
  4. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    the problem of all these (I think also about Wickr, etc.) is that nearly nobody uses them. It's the same story of GPG....effective but unusable.
     
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Yes, but perhaps that will change a bit with Facebook acquiring Whatsapp. Two people I know switched to Telegram today because of this, even though they both use Facebook and Whatsapp.
    If enough people can convince their contacts to use a secure alternative, then it can get a foothold. Then the argument that nobody uses them becomes less valid and it can slowly grow towards becoming more mainstream.
     
  6. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,101
    Hi BMW,

    The linked article in your post said it all:

    -- Tom
     
  7. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Yes I know, but the developer counters most of it in the comments and they offer $200.000 bounty to break it:
    https://telegram.org/crypto_contest
     
  8. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
  9. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
  10. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    ok, but is that report relevant to their website or to their app?
     
  11. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    It's about the website so not that important, but if the devs have good crypto knowledge why support obsolete, weak ciphers?
     
  12. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
  13. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
  14. rock_man

    rock_man Registered Member

    Joined:
    Feb 6, 2014
    Posts:
    55
    To me, it is totally confusing that crypto folks "assume" closed-source software and service Threema is secure, yet bash Telegram Messenger. Just because Threema has a bunch of famous names to through around and some fancy pants NaCl encryption, doesn't mean the implementation is secure. Has it been independently audited? If a third-party has not yet audited a paid service such as Threema, that is bad form. I asked the same thing of the MyEnigma folks and received no response.

    I don't think Threema is the right chat software for the masses, whom WhatsApp and Telegram are designed. There are entry barriers for Threema: closed-cource crypto, up front fee and re-establishment of the social graph to name a few.

    Enter Telegram Messenger. So they rolled their own crypto? I think that's innovative and that's what irks the crypto "experts". Telegram appears to be using "old" or "weak" or "confusing" crypto according to the "experts". A bunch of math wizzes cooked up the crypto for Telegram. They have documented their system. They invite feedback and hacking. Has anyone actually broken their crypto?

    This is the main point. I am starting to become very suspicious of the crypto "experts" on the Internet who attack the theory or design with no proof of the actual implementation being insecure. Reading their theoretical analysis on Telegram confuses the layman. My take is the reason Telegram devs chose to roll their own crypto is purposefully avoiding the popular and newest forms of crypto, like the stuff Moxie has done with TextSecure. It seems crypto "experts" are uninterested in old crypto used in innovative new ways. But maybe I am just naive?

    Where is the proof messages are intercepted and read by someone other than the intended recipient? IMHO, all other arguments regarding Telegram's crypto are moot until then.
     
Loading...
Thread Status:
Not open for further replies.