Comment on Telegram is indistinguishable from an FSB honeypot
conorab@lemmy.conorab.com 20 hours ago
This seems a bit convoluted as an explanation if I’ve understood it correctly. If Telegram as using a compromised hosting provider then you could have the strongest crypto in the world to prevent a man-in-the-middle from seeing the unique identifier for each device and it wouldn’t matter since they already who which user is which IP from the servers they control. They don’t stand to gain anything by exposing the unique string to MiTM attacks when they already control Telegram’s servers unless their goal is also to allow other countries to see which user has which IP too. It just seems like an incompetent implementation.
rysiek@szmer.info 10 hours ago
Who is “they” here?
If you meant “the compromised provider” here, then no, we cannot assume they know which IP address is used by which user. Full disk encryption exists, you can rent a (physical, dedicated, as is the case here) server from a provider and set it up in such a way that you can be reasonably sure that the provider does not have access to the data on the server.
So in that case the provider would only see the traffic without the ability to connect easily IP addresses with actual devices or users. That is not enough to reliably track anyone long-term, as IP addresses change in ways that often make it difficult to figure out if some traffic comes from the same user/device or not – especially when you travel. But add an identifier visible directly on the wire, like the
auth_key_id, and you can pretty easily say “yes, this new IP address is now used by the same device”.If you mean “Telegram”, and assume Telegram cooperates fully with the FSB, to the point of providing unfettered access to data on Telegram’s servers, then sure. But I cannot prove that, and neither could the IStories team. Can you? You can of course make any assumption you want to (and I am not saying your assumption here is necessarily wrong – only that I cannot prove it), but when I publish I can only work on things that I or somebody else can prove.
And in this story, I can prove that Telegram’s protocol has a very weird, unexpected “feature” that combined with IP address allows anyone with sufficient access to track Telegram users. I can show that this feature is not necessary in such a protocol – other protocols used by other similar tools do not have that issue. And IStories team seem to be able to prove that all Telegram traffic flows through a single infrastructure provider that has ties to the Russian FSB.
That’s all we got currently, but that’s already plenty. Because both of these are decisions made by Telegram, and they strongly reinforce one another.
If that was the only weird technological decision by Telegram with strong consequences for privacy of its users, I could agree.
But as I discuss at length in that blogpost, Telegram has a long, long history of such “incompetence”; they also tend to react badly to anyone pointing this kind of thing out. The
auth_key_idissue has been pointed out years ago and not only is it not fixed, there is no indication that Telegram even considers fixing it.Can you imagine the veritable shitstorm if Signal pulled something like that?
As I wrote in my blogpost, in the end it does not matter if this is incompetence or malice – the end result is exactly the same.