
krspykrm | 5 years ago

If it was indeed a backdoor, sure, but that's a judgment call, not something anyone knows. As others have noted, e2e was a novelty at the time, not a norm, and the platform itself was extremely new (less than a year old). Their stated reason for this was to protect against weak client RNG, which in retrospect sounds like a weak reason, but looking back at the news of 2013, this was right around the time the Snowden leaks caused everyone to believe RDRAND could indeed be compromised, so "client having state-compromised RNG" was indeed something on everyone's mind.

Further, the fact that this was caught so quickly is in some sense a vindication of Telegram's model - even in its infancy when it had orders of magnitude fewer users, the fact that the client was open source allowed someone to quickly spot a vulnerability.

The verdict? IMO Telegram secret chats are probably secure (90% certain), but if I were plotting a murder or something, I wouldn't do it over a smartphone app anyway. There are just too many leaky, complex layers in the stack, some of which aren't even open, and quite dubiously so. If security is a life-or-death situation for you, you'd be a fool to use any smartphone app.


FDSGSG | 5 years ago

> If it was indeed a backdoor, sure, but that's a judgment call, not something anyone knows. As others have noted, e2e was a novelty at the time, not a norm, and the platform itself was extremely new (less than a year old), and their stated reason for this was to protect against weak client RNG, which in retrospect sounds like a weak reason, but looking back at the news of 2013, this was right around the time the Snowden leaks caused everyone to believe RDRAND could indeed be compromised, so "client having state-compromised RNG" was indeed something on everyone's mind.

Everything you said here was addressed by the OP. The connection to Telegram servers is already encrypted; the only adversary this server-side RNG could possibly defend against is one that has access to the server.
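The threat-model point being argued in both comments above can be made concrete with a small simulation. This is an added example, not code from the thread and not Telegram's protocol: it assumes, as a modelling choice, that the client combines its own random draw with a server-supplied value by XOR, that the client RNG is weak (only 2^8 possible outputs, a constructed value), and that the server value is 32 bits. It then counts how many candidate secrets each adversary has to try: an outsider who cannot read the encrypted server value, versus the server itself, which knows the value it sent.

```python
import secrets

WEAK_BITS = 8     # constructed: the client's RNG yields only 2**8 distinct values
STRONG_BITS = 32  # constructed: the server-supplied value is a 32-bit random


def weak_client_random() -> int:
    """Constructed weak client RNG: a draw from a tiny, enumerable space."""
    return secrets.randbelow(1 << WEAK_BITS)


def server_random() -> int:
    """Server-side contribution, drawn from a full 32-bit space."""
    return secrets.randbelow(1 << STRONG_BITS)


def mix(client_r: int, server_r: int) -> int:
    """Modelling assumption (hypothetical, not Telegram's construction):
    the client XORs its own draw with the server-supplied value."""
    return client_r ^ server_r


def candidates_without_server_mix() -> set:
    """Secrets an outsider must try if the client uses its weak RNG alone."""
    return set(range(1 << WEAK_BITS))


def candidates_for_server(server_r: int) -> set:
    """The server knows server_r, so it only enumerates the weak client space."""
    return {mix(c, server_r) for c in range(1 << WEAK_BITS)}


def candidate_count_for_outsider() -> int:
    """An outsider who cannot see server_r gains nothing from the weak client
    RNG: the XOR with an unknown 32-bit value spreads the secret over the
    whole 32-bit space."""
    return 1 << STRONG_BITS


def demo() -> dict:
    """Run one exchange and report each adversary's search space."""
    s = server_random()
    secret = mix(weak_client_random(), s)
    server_cands = candidates_for_server(s)
    return {
        "secret_in_server_candidates": secret in server_cands,
        "server_search_space": len(server_cands),
        "outsider_search_space": candidate_count_for_outsider(),
        "search_space_without_mix": len(candidates_without_server_mix()),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The numbers show both sides of the argument at once: against an outsider, mixing in server randomness lifts the search space from 2^8 to 2^32, so it really does paper over a weak client RNG; against the server itself, the search space is still exactly 2^8, because the server knows the value it contributed. Whatever the client's RNG quality, the server never loses ground and, when the client is weak, gains the ability to enumerate the secret.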

krspykrm | 5 years ago

So maybe they just made the same mistake I did?