They should only notify users if they both have each other's phone. Otherwise it is trivial to create several thousands of accounts and upload thousands of numbers from each to get a mapping between an id and a phone number. Here is a quote from a head of a Russian company that claims to do this:
> A phone number used by [Telegram] account @silovikicat was discovered using a program titled "Insider-Telegram" developed by the "Center of research of legitimacy and political protest". The head of the "Center" Eugene Venediktov explains: "Currently the database contains over 10 million of numbers. We just go through all possible numbers and check whether they are registered in Telegram: for example, we take all numbers starting with a prefix +7911 and check them. You automatically see all contacts from your address book in your Telegram, don't you? We just have a very "fat" address book with phones of all users from our country."
> When a phone number provided by Eugene is added into an address book, Telegram automatically matches it with account @silovikicat («Siloviks' cat»).
Having a phone number means that the government can track its rough location and know the owner's identity.
This also means that other messengers using similar contact discovery allow de-anonymizing their users the same way.
> This also means that other messengers using similar contact discovery allow de-anonymizing their users the same way.
While I don't like to have messaging apps tied to the phone number, it has become a mainstream model that most people accept and know how to use.
I have been thinking for some time that we need a mainstream messaging app that uses end-to-end encryption, and you can get in contact with a peer only if it accepts you (just like old messaging apps, WLM, ICQ, etc), so, if the peer doesn't accept to chat with you, you won't even know whether the number is registered.
In fact, my initial PoC is https://safer.chat/, I just need the time to make an app from it.
Yep, expect no privacy in any app that requires a phone number. At least in most places. More than 150 governments require a proof of identity to purchase a SIM card.
I have a question about Telegram. Let's say I have a number in my contacts, but the other side doesn't have my number in their contacts. So I can now see their name and picture and "last seen"? But can they see the same thing about me without having my number saved? Do they get notified at all? Seems really odd to do this one-way.
> The fix Telegram is working on would allow users to disable matching by phone number. That option represents a balance between making it easy for users to find their contacts and the privacy needs of those who rely on the app for protection against state security agents.
> Telegram hopes to help protect Hong Kong protesters with the update, the source said. But wide adoption of the optional security setting would make the app far harder to use for the vast majority of its more than 200 consumers, who rely on uploading phone contacts to identify friends and family members on the app, the source said.
Make the match 2 way then.
If you both have each other's number allow the match. If it's one sided - deny.
> Protesters believe Chinese security officials have exploited the function by uploading large quantities of phone numbers.
> The app automatically matches phone numbers with the user names in the group. Chinese authorities then only need to request the owners of the phone numbers from the local telecom service in order to learn the users’ true identities.
> Telegram has detected evidence that Chinese authorities may have uploaded numbers to identify protesters, said a person with direct knowledge of the situation.
> The app automatically matches phone numbers with the user names in the group. Chinese authorities then only need to request the owners of the phone numbers from the local telecom service in order to learn the users’ true identities.
This is a flaw common to services that rely on phone numbers as IDs. In many countries, one cannot purchase a SIM card without showing ID (and the seller makes a photocopy of the ID to provide to the authorities). That means that there cannot be true anonymity. Know the phone number, know the person.
I am always baffled when people claim that PGP-encrypted e-mail is passé because it leaks metadata, when Signal and Telegram leak metadata too and, furthermore, metadata that can be immediately associated with a specific person in many countries.
Then don't use so-called 'secure' services that rely on phone numbers. There exist plenty of secure chat apps that don't have this flaw. LINE is probably my favorite.
If Telegram were protecting the identity of HK protestors they would say this.
If they were selling the HK protestors out to the Chinese government they would also say this.
True trustworthiness can only come from open source code and concepts designed into the protocol. I don't think this can be achieved on Apple's platform, might be possible on Android.
Knowing the founder, find it hard to believe. The guy who fled Russia to avoid persecution has little tolerance for any government trying to mess with people's privacy. Culturally, Russia itself has a lot more in common with the west. China is completely separated, from, I would say, the rest of the world, in terms of mentality. It's even different from most Asian countries and Hong Kong. Find it hard to imagine why would anyone cooperate with China on doing things the western world considers immoral and unacceptable.
I think it's hard to make an argument that China has a lot of leverage on Telegram as an organization, but that could change in years to come. A decade ago, no one really thought Google would become this hostile to users and even seek to collaborate with the CPC govt and its totalitarian vision.
Everything you said about open-source applies to Android too. At the very least all kinds of backdoors are in Android phone because of chip firmware. But I guess you might be alluding to the fact that Tim Cook handed over Apple iCloud keys to the Chinese govt.
No, it's impossible to know what code is running on someone else's server. If you give your phone number to someone, you are at their mercy to keep it confidential.
> But wide adoption of the optional security setting would make the app far harder to use for the vast majority of its more than 200 consumers, who rely on uploading phone contacts to identify friends and family members on the app, the source said.
This is false: regardless of Telegram’s nags to upload my phone book to them, I find it quite easy to use the app without doing this.
Can we stop referring to Telegram as an "encrypted app"?
End-to-end encryption only works in "secret chats" and voice calls. Outside of those, it's as encrypted as HN is (connection happens over TLS, but that's about it).
A big pro of using phone #s is that it allows users to effectively take their social network with them from app to app instead of being locked in.
IMO phone numbers are a pretty terrible system (you would never ask people to remember dozens of IP addresses for all the websites they want to visit but historically people have been expected to remember phone #s for all the people they want to contact), but they are the system we have and it could be worse.
“But wide adoption of the optional security setting would make the app far harder to use for the vast majority of its more than 200 consumers, who rely on uploading phone contacts to identify friends and family members on the app, the source said.”
With only 200 users on the app methinks adoption will be fast - think they forgot a “K”
This was covered in other news pieces. In Signal, your number gets exposed to everyone else in the group (similar to WhatsApp). The protestors didn’t want their numbers to be exposed to other people they were talking to. Telegram doesn’t, by default, show your number to others you chat with unless you choose to. Telegram also allows usernames to be used to contact and refer to people. The other factor is that Telegram allows really large groups (like 200K members), which Signal and WhatsApp don’t.
Signal also needs a phone# to activate & iirc, if you have someone's phone number in Contact List, they'll appear, so sort of same issue maybe. Only one I know of so far not needing a phone# is Wire.
codedokode | 6 years ago
> A phone number used by [Telegram] account @silovikicat was discovered using a program titled "Insider-Telegram" developed by the "Center of research of legitimacy and political protest". The head of the "Center" Eugene Venediktov explains: "Currently the database contains over 10 million of numbers. We just go through all possible numbers and check whether they are registered in Telegram: for example, we take all numbers starting with a prefix +7911 and check them. You automatically see all contacts from your address book in your Telegram, don't you? We just have a very "fat" address book with phones of all users from our country."
> When a phone number provided by Eugene is added into an address book, Telegram automatically matches it with account @silovikicat («Siloviks' cat»).
Having a phone number means that the government can track its rough location and know the owner's identity.
This also means that other messengers using similar contact discovery allow de-anonymizing their users the same way.
[1] (in Russian) https://meduza.io/feature/2019/08/10/kto-takoy-tovarisch-may...
heyoni | 6 years ago
It’s just like Venmo. I’m seeing users in my newsfeed because they’re in my contacts but not because we added each other. Really bizarre.
AlexITC | 6 years ago
While I don't like to have messaging apps tied to the phone number, it has become a mainstream model that most people accept and know how to use.
I have been thinking for some time that we need a mainstream messaging app that uses end-to-end encryption, and you can get in contact with a peer only if it accepts you (just like old messaging apps, WLM, ICQ, etc), so, if the peer doesn't accept to chat with you, you won't even know whether the number is registered.
In fact, my initial PoC is https://safer.chat/, I just need the time to make an app from it.
emanreus | 6 years ago
pingyong | 6 years ago
lysp | 6 years ago
> Telegram hopes to help protect Hong Kong protesters with the update, the source said. But wide adoption of the optional security setting would make the app far harder to use for the vast majority of its more than 200 consumers, who rely on uploading phone contacts to identify friends and family members on the app, the source said.
Make the match 2 way then.
If you both have each other's number allow the match. If it's one sided - deny.
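The two-way rule proposed in the comment above, sketched as an added example that is not part of the thread or of any messenger's code. The `Directory` class, its method names and all accounts and phone numbers are constructed for illustration; it compares what a bulk-upload account learns under one-way and under mutual matching.

```python
from collections import defaultdict


class Directory:
    """Toy contact-discovery service (hypothetical, for illustration only)."""

    def __init__(self):
        self.account_by_phone = {}             # phone -> username
        self.phone_by_account = {}             # username -> phone
        self.address_books = defaultdict(set)  # username -> uploaded numbers

    def register(self, username, phone):
        self.account_by_phone[phone] = username
        self.phone_by_account[username] = phone

    def upload_contacts(self, username, phones):
        self.address_books[username].update(phones)

    def one_way_matches(self, username):
        """One-sided policy: every uploaded number that is registered is revealed."""
        book = self.address_books[username]
        return {p: self.account_by_phone[p] for p in book if p in self.account_by_phone}

    def mutual_matches(self, username):
        """Two-way policy: reveal a match only if the other side uploaded our number too."""
        my_phone = self.phone_by_account[username]
        result = {}
        for phone in self.address_books[username]:
            other = self.account_by_phone.get(phone)
            if other is not None and my_phone in self.address_books[other]:
                result[phone] = other
        return result


def build_demo():
    """Constructed data: two users who know each other, plus a bulk-upload account."""
    d = Directory()
    d.register("alice", "+15550000001")
    d.register("bob", "+15550000002")
    d.register("bulk_uploader", "+15551230000")
    d.upload_contacts("alice", {"+15550000002"})
    d.upload_contacts("bob", {"+15550000001"})
    # "Fat" address book: every number in a constructed +1555000xxxx range.
    d.upload_contacts("bulk_uploader", {f"+1555000{n:04d}" for n in range(10000)})
    return d
```

Under both policies the server still stores every uploaded address book; the two-way rule only changes what is revealed back to the uploader.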
Thorrez | 6 years ago
myself248 | 6 years ago
> The app automatically matches phone numbers with the user names in the group. Chinese authorities then only need to request the owners of the phone numbers from the local telecom service in order to learn the users’ true identities.
> Telegram has detected evidence that Chinese authorities may have uploaded numbers to identify protesters, said a person with direct knowledge of the situation.
Signal does/did this too: https://news.ycombinator.com/item?id=12590979
Mediterraneo10 | 6 years ago
This is a flaw common to services that rely on phone numbers as IDs. In many countries, one cannot purchase a SIM card without showing ID (and the seller makes a photocopy of the ID to provide to the authorities). That means that there cannot be true anonymity. Know the phone number, know the person.
I am always baffled when people claim that PGP-encrypted e-mail is passé because it leaks metadata, when Signal and Telegram leak metadata too and, furthermore, metadata that can be immediately associated with a specific person in many countries.
segmondy | 6 years ago
axaxs | 6 years ago
roenxi | 6 years ago
If they were selling the HK protestors out to the Chinese government they would also say this.
True trustworthiness can only come from open source code and concepts designed into the protocol. I don't think this can be achieved on Apple's platform, might be possible on Android.
snitko | 6 years ago
bishalb | 6 years ago
est31 | 6 years ago
abstract7 | 6 years ago
Everything you said about open-source applies to Android too. At the very least all kinds of backdoors are in Android phone because of chip firmware. But I guess you might be alluding to the fact that Tim Cook handed over Apple iCloud keys to the Chinese govt.
lonelappde | 6 years ago
jsmeaton | 6 years ago
This is not a general proclamation.
paulcarroty | 6 years ago
Especially on Google platform with every click tracking.
saagarjha | 6 years ago
This is false: regardless of Telegram’s nags to upload my phone book to them, I find it quite easy to use the app without doing this.
jen_h | 6 years ago
I will never understand why apps that profess allegiance to privacy upload entire contact lists.
Sure, users will complain it’s harder. They’ll always complain, but you’re protecting them and their contacts who have NOT provided consent.
jobigoud | 6 years ago
baby | 6 years ago
Btw why all these apps require a phone #? Is it required by the gov?
input_sh | 6 years ago
End-to-end encryption only works in "secret chats" and voice calls. Outside of those, it's as encrypted as HN is (connection happens over TLS, but that's about it).
batat | 6 years ago
solarkraft | 6 years ago
foobiekr | 6 years ago
kome | 6 years ago
thekyle | 6 years ago
IMO phone numbers are a pretty terrible system (you would never ask people to remember dozens of IP addresses for all the websites they want to visit but historically people have been expected to remember phone #s for all the people they want to contact), but they are the system we have and it could be worse.
xivzgrev | 6 years ago
With only 200 users on the app methinks adoption will be fast - think they forgot a “K”
mappu | 6 years ago
an "M" - 200 million users as of March 2018. https://telegram.org/blog/200-million
ryanlol | 6 years ago
It is terribly unlikely that they’d have their users' best interest in mind.
jen_h | 6 years ago
wtdata | 6 years ago
newscracker | 6 years ago
n_ary | 6 years ago
29_29 | 6 years ago