Pavel Durov's arrest

1 Like

Anyone who thinks any form of electronic communications can’t be monitored and/or intercepted in by any of the various government agencies set up to do exactly this is huffing glue.

Book ciphers and dead letter drops aren’t making a comeback because intelligence agencies missed them.

What I would like to know, if it’s possible why isn’t there monitoring if pedophiles and other antisocial traffic? It is much harder than it seems to wade through all the chaff online. Maybe LLM of AI will soon be a great help but until then it’s a manpower challenge. China has massive tech surveillance and still doesn’t catch absolutely everything.

I always thought the UK resistance to having ID cards was naive because even if a person stays off the internet, mobile phones, credit cards, Oyster cards, NHS etc. all build up profiles and can monitor citizens.

An argument for IDs is that it would greatly help to reduce and/or protect undocumented workers from exploitation, and an established system would be helpful in monitoring all the social services applications. The concept of privacy does no longer means being completely hidden, just that one’s particulars are not available for all and anyone to freely access.

As for trust in the government, as some wag said,

“Relying on the government to protect your privacy is like asking a Peeping Tom to install your window blinds”

1 Like

It would appear that Telegraph uses 256-bit symmetric AES encryption, 2048-bit RSA encryption, and Diffie-Hellman key exchange, so yes it’s possible, and getting possibler (to coin a word) with quantum computing but currently it’d take forever, literally. Like a billion years or so.

The thing is the messages are probably still in plain text on the sending and receiving devices. So far easier to hack them than the message in transit.

1 Like

There is a huge amount of work going on in this area, both prevention and detection, and you couldn’t pay me enough to do such harrowing work.

1 Like

You catch ‘em, I’ll drop ‘em into the industrial wood chipper.

1 Like

Thanks John, I’m sure many more of us now have a better grasp of the subject! :wink:

1 Like

Sorry, don’t have time to read the whole thread but isn’t the point here that the endpoints were compromised, not the communication.

Until someone comes up with a fast way of breaking down very large numbers into their prime factors modern encryption is solid. And if some government had come up with a way of finding prime factors of 1024 or 2048 bit numbers they would keep very, very quiet about it.

1 Like

I think the users are worried that Durov’s going to be tortured in the basement of 36, Quai des Orfèvres until he reveals the “keys” :roll_eyes:

The way into a Telegram group like that is not to try to crack the encryption. It’s far easier to use other methods such as social engineering and as @John_Scully says, targeting individual devices.

1 Like

That’s only used for e2e encryption of private messages. The ‘public’ stuff isn’t encrypted on Telegram, as confirmed by the EFF:

There’s always, without fail, a great XKCD comic for everything…

3 Likes

That’s what’s happening right now :face_with_hand_over_mouth:

I have just discovered that I have been banned from Facebook and as I never post but look at what my friends post, I haven’t the faintest idea why.
I can’t say I am particularly bothered, rather look on it as a badge of honour.

1 Like

Seems some people are potentially going to be targeting French organisations in cyber attacks due to Durov’s arrest… Don’t they realise we’re all on holiday for another week?

https://x.com/DailyDarkWeb/status/1828072033457959253

2 Likes

Musk and Zuckerberg next :crossed_fingers:

2 Likes

Oh oh :thinking: Here’s an excerpt from the Guardian’s Alex Hern’s Techscape email today… Maybe no need for the thumbscrews in the basement of Quai des Orfèvres after all.

Encryption

But there is one quirk about Telegram that means it’s in a somewhat different position to peers such as WhatsApp and Signal: the service is not end-to-end encrypted.

WhatsApp, Signal and Apple’s iMessage are built from the ground up to prevent anyone other than the intended recipient from reading content shared on the services. That includes the companies that run the platforms – as well as any law enforcement that might request their help.

It’s caused no end of friction between some of the largest tech companies in the world and the governments that regulate them but, for the time being, the tech companies appear to have won the main fight. No one is seriously demanding end-to-end encryption be outlawed any more, with regulators and critics instead calling for approaches such as “client-side scanning” to try to police messaging services another way.

Telegram is different. The service does offer end-to-end encryption, through a little-used opt-in feature called “secret chats” but, by default, conversations are encrypted only insofar as they can’t be read by any random person connected to your wifi network. To Telegram itself, any messages sent outside a “secret chat” – which includes every group chat, and every message and comment on one of the service’s broadcast “channels” – is effectively in the clear.

That product decision marks Telegram out as distinct from its peers. But, oddly, the company’s marketing implies the distinction is almost exactly the opposite. Cryptography expert Matthew Green:

Telegram CEO Pavel Durov has continued to aggressively market Telegram as a “secure messenger.” Most recently he issued a scathing criticism of Signal and WhatsApp on his personal Telegram channel, implying that those systems were backdoored by the US government, and only Telegram’s independent encryption protocols were really trustworthy.

It no longer feels amusing to see the Telegram organization urge people away from default-encrypted messengers, while refusing to implement essential features that would widely encrypt their own users’ messages. In fact, it’s starting to feel a bit malicious.

Hmm, well it would make sense for Mr. Durov to claim he can’t see content as a defence against the charges of not dobbing in the criminals using the platform. If he can see content, and deliberately kept quiet on their behalf, it looks like such potential charges arising from the investigation may be forthcoming, and merited.

Any vestige of sympathy is rapidly vanishing.

BBC News - Telegram repeatedly refuses to join child protection schemes

I’ve no time for any of them.

They’ve charged him.

https://www.nytimes.com/2024/08/28/business/telegram-ceo-pavel-durov-charged.html?smid=nytcore-ios-share&referringSource=articleShare

1 Like