Telegram: what security risks for users

Telegram: what security risks for users

#Telegram #security #risks #users

Telegram has joined the list of most used messengers today. Considered more secure in the protection of personal data than its similar WhatsApp, it is not as shielded as its developers want, against security risks for users. Remember, privacy invasion problems have already generated serious political controversies in Brazil. Interested in knowing why and how security risks happen in Telegram? Continue reading the article, you will better understand the subject

  • Image encryption restricted to secret conversations

  • Danger of the People Near the Telegram function

  • Disable the notification “a contact has entered Telegram”

  • Media serving and copyright issue

Telegram is a messenger focused on protecting secret (private) conversations and personal data against marketing and advertising. But, not everything is a sea ‘only’ of roses’, see the reasons in the sequence of the text.

Image encryption restricted to secret conversations

Even considering that Telegram uses end-to-end encryption, well before WhatsApp, it is only activated for secret conversations, the others being at the mercy of cybercriminals who hang around the messenger and the app’s servers. This is the first risk that the user of the Russian app, the American’s rival, runs. In the latter, encryption is already valid for any type of conversation.

  • Secret conversations: they use the end-to-end encrypted system, that is, client-client, both for personal data and conversations, and cannot be forwarded to other users. Accessing and deleting messages can only be the initiative of those who participate in the conversation.
  • Normal and group conversations: they are stored in the cloud with a different encryption system – client-server and client server and, thus, more vulnerable despite the encryption being based on the MTProto protocol. Data and conversations are not stored on devices, but on the web.

Observation: the MTProto protocol involves symmetric 256-bit AES encryption, 2048-bit RSA encryption and secure Diffie-Hellman key exchange.

Danger of the People Near the Telegram function

The feature is super interesting! But only at first glance, because he has to use GPS to do this, which can cause a security breach for the messenger members. And, even considering that the feature is disabled by default, it is in most accounts activated very quickly (Contacts> Nearby). Did you know that hackers know and can easily falsify the geographic location on Telegram? That’s right, this is real data – creating two accounts with fake addresses, the scams are simple things to happen: the invaders will, so to speak, triangular, calculate, the exact location, in meters, of the messenger’s members in the vicinity of you. By activating the feature, users’ distance is disclosed to others in the app. In this way, a malicious person is able to falsify the GPS location on the cell phone, to find out where a particular member is from other places. Until Telegram does not address this security issue, it would be best to keep it Close people disabled, without considering the messenger’s suggestion, take a peek at the image below.

Disable the notification “a contact has entered Telegram”

Nothing is more uncomfortable than this feature, already activated by default, because all contacts in your phone’s phonebook that use the app, will know that you have just created an account! It doesn’t take much explanation, does it? We do not always want to be visible to all contacts in an agenda that, for the most part, has many years of existence. It is a real intrusion into privacy. If you want to disable this option, simply Android:

  • Open Telegram and touch the menu (three horizontal lines)> settings
  • In the settings, open the section Notifications and Sounds
  • Then find the option Events and disable it by sliding the button to the left.

In case of iPhone, the path is similar, also Notifications and Sounds, but disabling the option, right below the screen, New contacts:

Media serving and copyright issue

Knowing the Telegram cryptography system policy, we know that only the secret chat is protected against interception and content tracking. It is also clear that for normal conversations and groups this security layer is different – end-to-end encryption is needed. This is because a lot of media content is shared, even in its entirety. Here, Telegram is faced with a serious problem – how to deal with the large number of downloads, external, of user content, transmitted and downloaded in the messenger? It is predictable and expected that Telegram will not escape the obligation to sign copyright agreements with media producers (as with social networks or YouTube, for example). If you are a media creator, stay tuned.

Photo: © prykhodov –

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *