A few days ago, Will Cathcart, the director of WhatsApp, announced that Telegram is not secure, and to prove it, he pointed to an article focusing on the access of Russian authorities to Telegram chats. The spokesperson of Telegram, Rami Van, also responded to the WhatsApp manager He denied the accusations by publishing a text in cyberspace. According to Vaughn, the Wired article contains many errors. Also, the editorial team has ignored Telegram’s comments and replies, which in turn mislead Catcart.
Telegram has compiled a list of 9 errors in the Wired article in response to the accusations of the WhatsApp manager, which you can view on telegra.ph. The post in question ends with “This list is being updated”.
Telegram writes: This post examines various claims in the Wired article, including the one about location tracking. For example, location tracking is only possible if the user explicitly makes their location visible to the public, which only 0.01% of users have enabled.
Regarding the privacy of secret chats, Vaughn points out that Catcard is wrong about Telegram’s End To End Encryption Protocol (E2EE) not being approved. In this regard, a team from the University of Udine in Italy has verified the MTProto 2.0 protocol used by Telegram to secure chats.
Note, however, that this is a protocol-only confirmation. But the Telegram software is open source and the servers of this messenger are not open source.
This messenger has been using reproducible builds since version 5.13. Reproducible builds mean that you can use publicly available source code to verify that the resulting device code is the same as code hosted on the App Store, Google Play, and Telegram’s own website. Telegram servers are not open source, although the Udine team also validated the MTProto 2.0 protocol in the presence of malicious servers.
Telegram says that WhatsApp points to a problem that could destroy the security of Secret Chat. When starting a secret chat, it is necessary for the user to verify the authentication key through a secure external platform. Otherwise, Man-in-the-Middle attacks are possible. These attacks are such that a third party eavesdrops on the messages and may even change them. The researchers note that such an error is also possible when using the Signal app.
So if you use any of these apps, make sure you check the authentication key correctly. Secret Chat or Secret Chat isn’t really safe until you do. It’s worth noting that you can’t use the same chat or other insecure chats to check the authentication key match.
- Start 2023 with the latest Telegram update
- Providing emojis and stickers in the profile picture and live chat translation in the new Telegram update
