I'm fairly certain it is deeply connected to Russia. People believe it's encrypted but it's not for group chats or default for direct chats. They have money when Telegram is expensive to run, not to mention they can easily threaten Durov's life.
The Russian network block and letting people use Telegram again was the government squeezing their biggest source of users and income until they acquiesced.
> I'm fairly certain it is deeply connected to Russia.
Just as Signal, Facebook, Google, WhatsApp are deeply connected to the USA?
> People believe it's encrypted but it's not for group chats or default for direct chats.
The cloud and E2EE encryption of Telegram have already been audited by independent researchers.
> They have money when Telegram is expensive to run
They literally raised money (a billion dollars) by selling bonds last year and to make Telegram self-sustainable, introduced Telegram Premium.
> not to mention they can easily threaten Durov's life
Which is why Durov (and his whole dev team) moved to the UAE in the first place!
I'm all for healthy skepticism, but there must be a limit. Unproven conspiracies aren't helping anyone, especially from people who have no issues with apps like WhatsApp. Telegram has time and again tried to fight government intervention, and yet that's not enough. The clients are open-source, everything audited by independent researchers and yet, people aren't afraid to make claims that they can't prove.
Yeah people keep trying to push the "Russian connection" when it isn't being supported by Durov's actions. It almost feels like a conspiracy theory encouraged by users of competing apps.
There are legitimate reasons to doubt Telegram like the lack of default end-to-end encryption but the Russian thing as a criticism of the app itself is overblown.
> The cloud and E2EE encryption of Telegram have already been audited by independent researchers.
Yes, and they all agree it's crap. Just look at this thread https://news.ycombinator.com/item?id=6915741 (Feel free to ignore Moxie, but listen to tptacek). In addition, it doesn't even matter since (a) it's not turned on by default and (b) it can't be turned on for group chats.
That said, I agree that Durov probably is not closely collaborating with the Russian state.
E2E is not available on all platforms, is hidden in obscure menus and the whole UI discourages users from using it. Telegram is a data-harvesting social goolag-oriented network after all. :-/
The greatest feature that telegram offers is cloud sync. Everybody knows the limitations E2EE comes with. There's no way you could have thousands of members in a group on Signal.
Along with that, the ability to manage device sessions and to login on multiple devices with full chat sync is extremely unique to Telegram.
You're asking them to ditch that in favor of inferior UX, which they simply cannot do at this point.
But I do hear the valid complaints. I do believe they should improve MTProto 2.0 to work on multiple devices and in groups. Their implementation is fine for 1-1 chats but having something better than that is always welcome.
Open sourcing it would make no difference. Signal's server is open source, yet the sources are always released late. For a whole year, Signal was running a totally different server code than the one they had made public, they even injected some crypto stuff and not a single person knew what the server was running.
This is the nature of servers. Backend is always unverifiable, even if it's got the latest code available to the public. The only thing open source backend is useful for is self-hosting, not verification.
If it's encryoted E2E, then you don't need to inspect the server side to verify that. And the client is FOSS, anyone can inspect it. (It is my understanding that group chats are not encrypted; I have not cared to verify that one way or the other, but I could.)
Right. If you speak Russian and actually look at what is happening in Telegram, you'd know better. If I was a dissident there and my adversary would be SVR/GRU, I surely wouldn't call it paranoia.
Sorry but this sounds like conspiracy theory stuff. It is encrypted client-server so your message is misleading. And Durov as far as I'm aware is in Dubai. Russia blocked Telegram in the past and because they actually failed (it was still most popular messenger in there despite the block), so they decided to give up the block and started pumping their own propaganda on their own channels.
Maaan, don't you see? This was a controlled move: hook up people to a social network, pretend to clumsily ban it (while also testing and upgrading ISP abilities to do it), control reaction, pretend to unban it (oh, we do what peoples asked! we care! we not baddies! we cool!)
While in the same reality aggressively fight TOR, block VPNs, enforce passport registration, etc. etc. There's even a man jailed for running a tor node!
They just couldn't win and gave up. They accidentally crippled Github, large portions of google cloud and even their own government services while trying to blacklist Telegram and figured it was not worth the risk and getting laughed at.
The Skripal affair and other fuckups highlighted that Russia can't get away with threatening even a retiree's life, let alone millionaire's with some security.
Because SSL is SSL. They sure tried to block a lot of it.
I guess they could collect public keys and block them, but blocking itself is still done by ISP on Roskomnadzor's orders, and they didn't include this capability. That would be another cat and mouse game anyway, you can cut new keypairs faster than you can block them.
Domain fronting used to be quite effective at getting past SNI blocking. Extracting github.com out of a TLS packet is trivial but actually verifying the certificate requires compute power.
Major cloud providers have stopped making domain fronting an option (mostly because it was never supposed to happen anyway) but ISPs are never going to try to validate every single TLS certificate to see what traffic to block and what traffic to let through. The overhead would be enormous and people using custom certificate authorities (businesses and private persons) would get their communication blocked for no good reason.
It's also possible to get around SNI by using session resumption instead of doing a full handshake. 0-RTT TLS needs special attention because of replay attack risks, but it can speed up the network while at the same time avoiding SNI blocking once a session has been set up. QUIC offers a similar solution.
As far as I can tell, the tools normally used for traffic interception don't grow as fast as the tools for new communication. Support for certain protocols can take days to implement on the client side but weeks on the middlebox side, and that assumes your middleboxes get regular updates.
Worst case scenario, people just turn on a VPN to a place that doesn't block their apps and you lose all visibility of their network traffic. Implementing this stuff at scale isn't easy.
I'm pretty sure Telegram runs their own dns with dynamic addresses and you can create a bunch of certificates for weird host names to dupe SNI.
Russia dedicated quite some resources to it and couldn't win. I don't think it had any chance unless they're willing to DPI 100% of traffic China style, but even then it's fundamentally impossible to tell random google cloud/aws website api traffic from telegram.
> People believe it's encrypted but it's not for group chats or default for direct chats.
Did they already adopt a proven published alogithm for encryption, or still using a homegrown KGB-Krypt algorithm? Sorry for a trivial question, I am not a user.
The Russian network block and letting people use Telegram again was the government squeezing their biggest source of users and income until they acquiesced.