720-891-1663

Alerts, Legal, Privacy, Safety

What Does the Arrest of Telegram CEO Mean

Leave a comment

Okay, let me start with this post is going to be a bit geeky. If you are not into geek, you can probably skip it.

Telegram is a social media platform mostly used in countries where the likes of Meta and Twitter are banned. People use it for similar reasons. Sort of.

Over the weekend the French arrested Telegram’s CEO Pavel Durov. As a multi-billionaire, he probably did not expect to wind up in a French prison.

The French are being very tight-lipped about what is going on, other than that he was arrested when he arrived on his private plane at an airport outside Paris. Potential charges he could face include distribution of kiddie porn, money laundering and drug trafficking. All of this not because he is into any of those things but that he doesn’t stop them from happening on his platform.

All kinds of folks are up in arms, but for different reasons. Some, kind of like Elon Musk pretends, are free speech absolutists (unless you say something bad about him). Russia has a very different concern and hasn’t really figured out how to spin the arrest. Telegram is very popular in Russia. In fact, many in the military use it as the main form of communicating. If you can figure out how to encrypt a message (it is really hard, more later), it is relatively secure. Unless the French pressure him into giving up the encryption keys. Think of putting Donald Trump in SuperMax for a couple of days. He would probably be pretty willing to cooperate with your “requests”. So, if Durov gives up Telegram’s root keys, that would kind of be a BIG problem for Putin.

The problem that the Europeans have with him, like they do with Twitter, is that there is a lack of content moderation. While there is some crime conducted on Twitter, it is relatively light compared to the amount of every flavor of crime going on with Telegram. Think of it as Silk Road Light.

The French have sort of said his arrest is related to an investigation into kiddie porn or child sexual abuse material. They might get what they want from him and release him. Under French law, they only can hold him without charging him for a few days so this might be a “catch and release” exercise. Stay tuned on that one. Credit: Cybernews

But that is really not the interesting part to me. Telegram itself and other people call Telegram an encrypted messaging app. No one in the United States would call it that. That is likely the reason that Russia allows it while banning Facebook.

Most people’s definition of encrypted messaging is that (a) messages are end to end encrypted by default and (b) the encryption is either transparent or very easy to use.

TELEGRAM MEETS NEITHER OF THESE REQUIREMENTS.

Matthew Green, a internationally known cryptographer and professor at Johns Hopkins wrote a diatribe about this on his blog the other day.

Key points – and if you are a geek I recommend Green’s blog:

  1. Telegram messages are NOT encrypted by default.
  2. It is very hard to encrypt messages in Telegram.
  3. Encryption does not work for group messages – only with one-on-one messages if you can figure out how to turn it on.
  4. The encryption that they use is super weird. It may be secure. Or not.
  5. The button to turn on encryption is buried like four levels deep.
  6. It only works if the two parties to the message are both online at the same time due to the way that they handle key exchanges.
  7. They have not done anything since 2016 to make encryption easier to use (probably intentional so that he does not “fall” out of some Moscow 6th story window).

Many people use Telegram for its social media features, in which case they don’t care if it is encrypted. But, who does use it?

For one, Russian war bloggers. Mostly saying flattering things but not alware. After all, they don’t want to fall out of 6th floor windows either.

For another, Russian soldiers. For both official and unofficial communications. This is likely very useful to both Ukrainian and U.S. intelligence officers.

Also, for most apps (Signal is an exception), the meta data is not encrypted. That is super useful to both Russian and American spies. People think what they are doing is secure when, in fact, it is not.

Stay tuned here. We **MAY** find out why he was arrested and what it took to win his release.

On the other hand, we ** MAY NOT**. Credit: Matthew Green

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 CyberCecurity, All rights reserved. Privacy Policy