https://www.rt.com/news/603033-telegram-founder-paris-arrest/
The founder has been arrested in Paris on charges of abetting criminals by making a censorship resistant app. He in the past claimed the west (NSA/CIA/etc) asked him to put a backdoor in his app and for what little it’s worth he claims he refused.
Now with him in their custody, in their clutches, where they can sentence him to a brutal prison sentence for the rest of his life he may like many people be willing to cut them a deal on a backdoor so he can save his own life. Such a deal may not be publicly apparent and may even be carefully disguised and hidden behind a public legal drama that is fiction.
I don’t think any immediate emergency action is warranted but I would encourage those using it to evaluate what this means for their continued usage and the threat it presents to them say 6 months from now.
We have to wait and see, he could be cleared and leave quickly, he could face a trial which may or may not say anything about him allowing western intelligence to compromise it. As they could try and hide the fact he cut a deal behind a public apparent defeat by his lawyers if they want to keep it under wraps to better utilize such access against Russians for example who are heavy, heavy users of the app and it could present a trove of intelligence to say nothing of abilities to compromise top Russian officials were they to get in bed with the eyes agreement agencies.
Point is they snatched him at the airport when he landed and it can’t be anything but politically motivated.
At the very least I expect them to force him to submit to public censorship of “disinformation” which means the Russian perspective. Oh they’ll bust a few pedophiles and drug rings as well but it’s mainly about controlling yet another app that’s available in the west and sticking a knife in Russia’s back.
Here’s something interesting from Ars:
As Rob Lee, a senior fellow at the Foreign Policy Research Institute, noted tonight, “A popular Russian channel says that Telegram is also used by Russian forces to communicate, and that if Western intelligence services gain access to it, they could obtain sensitive information about the Russian military.” https://arstechnica.com/security/2024/08/shocker-french-make-surprise-arrest-of-telegram-founder-at-paris-airport/
This once again shows the need for tech sovereignty among anti-imperialist nations. It’s not enough to use something that’s not directly controlled by the enemy because the enemy will find ways to pressure, blackmail, coerce those third parties into doing their bidding anyways. It’s important for these countries to have platforms safely headquartered within one of these other friend nations that are resistant to just one person being arrested, where even someone with extraordinary access wouldn’t be a threat because of security service involvement.
Telegram does not encrypt by default. It’s always been no better than text.
Well yes and no. SMS messages are readable by the carrier (both receiving and sending) and absolutely accessible to the FBI and NSA often without a warrant and they’re stored for 6-18 months or so by the carriers.
Telegram on the other hand to my knowledge still practices encryption in transit. Your connection and data you send to Telegram is over an encrypted connection like HTTPS. That means your carrier/ISP cannot see what you’re saying on Telegram just that you’re using it.
Is it completely secure against third parties, against Telegram itself being compromised? As in end to end encryption. No. And that’s why an arrest like this is particularly problematic as anyone who can coerce the company or someone with sufficient access can just get all this data from them as well as doing other things. But it does reduce the number of parties with easy access and raises the bar to gaining access somewhat. As evidenced by the Snowden leaks we can’t be sure any service that isn’t based entirely in an anti-imperialist core nation like China doesn’t have the NSA in the back siphoning up all the data or even just metadata.
As with many things there are degrees of security and privacy with encryption. SMS I’d consider as safe as shouting something in a public space. This I’d consider as safe as sending a UPS envelope with a message inside to someone. Properly implemented E2E I’d consider sending a UPS envelope but the contents inside are scrambled and unreadable except to your recipient who has a special decoder that UPS isn’t in possession of.