this post was submitted on 23 Jun 2025
69 points (96.0% liked)

Privacy

3075 readers
95 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 7 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
69
Telegram is indistinguishable from an FSB honeypot (rys.io)
submitted 1 week ago by Andromxda@lemmy.dbzer0.com to c/privacy@lemmy.dbzer0.com
10 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] LWD@lemm.ee 3 points 1 week ago

The entire set is then encrypted again in transit.

Citation? The author of the article provides theirs, and a cursory glance at the chart that telegram themselves provides reveals that the authentication key is not encrypted at all.

Here's the part of the article you may have missed that clarifies why that's actually a huge issue:

This enables anyone who has sufficient network visibility and a bit of dedication to identify traffic originating from a given user device.

IStories found evidence that all network communication to and from Telegram’s infrastructure go through a company linked to the Russian FSB. This would provide the kind of network visibility that combined with auth_key_id would allow it to identify traffic coming from specific users, globally.

Why exactly did Telegram create a proprietary messaging protocol that uses this "surprising and unnecessary protocol design choice, present neither in Signal nor WhatsApp"?

Maybe it was just a huge coincidence, compounded by other huge coincidences. You tell me. You have the opportunity to blow this article wide open.