Consider protecting your account by enabling 2-Step Verification and setting up a strong passcode to lock your app, then it won’t be possible to access your chats by stealing your device or even by intercepting your SMS code. If you are concerned about security in general, there are other important precautions you could take. (I hope I made it clear on this point, I am not so sure.)īut, continuing the quote from the linked article: In this way, a telegram employee can not access my account even if they know the token generated on the server. In fact, I can easily imagine a scenario where the telegram server generates a token that is sent to my device, and the telegram app on my device computes the 6-digit code using both the token and my very private key. I suppose that when I want to access my telegram account from a new device and an authentication token is sent to my other telegram device, this authentication mode is secure, not just in the sense that it cannot be seen by hackers. Telegram can be forced to give up data only if an issue is grave and universal enough to pass the scrutiny of several different legal systems around the world.Īs a result, we have disclosed 0 bytes of user data to third parties, including governments, to this day. Thanks to this structure, we can ensure that no single government or block of like-minded countries can intrude on people's privacy and freedom of expression. As a result, local intruders or engineers can't access this data, and several court orders from different jurisdictions are required to force us to give up any of it. The relevant decryption keys are split into parts and are never kept in the same place as the data they protect. Cloud Chat data is stored in multiple data centers around the globe that are controlled by different legal entities spread across different jurisdictions. Since without E2EE Cloud Chat data is theoretically accessible, we use a unique distributed infrastructure to protect it. The only article I have found about the topic is this one. I'm asking about the content of cloud-based chats, which is kept on telegram servers. I also know about the telegram security contests, but I know that they are bullshit because they will only tell telegram secure against KPA attacks.įurthermore, I am not asking about secret chats, I know they are end-to-end encrypted. I have read a lot of criticism about the protocol itself, but no answer to my question yet. I am concerned about a very specific part of the telegram security protocol. A random hacker access my telegram account by entering my phone number on the official authentication portal and hijacking the SMS code they send? orĪ "telegram engineer" access my telegram account by changing a bit the system such that the SMS code is not sent over the GSM network but to his device?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |