Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] About Telegram

Maxim Kammerer mk at
Fri Feb 21 09:39:08 PST 2014

On Fri, Feb 21, 2014 at 2:52 AM, Steve Weis <steveweis at> wrote:
> Hi Maxim. There was a man-in-the-middle attack against Telegram's
> algorithm published back in December:
> (Russian)

That's interesting, thanks. I now remember reading that writeup at the
time, as well.

> If I understand the translation of this link, Telegram gave him
> $100,000 for the break:
> (Russian)

Yes, Pavel Durov gave him the money, sort of outside the contest.

> That's an expensive crypto lesson, but apparently Telegram put their
> money where their mouth is.

Exactly, that's something to respect. This approach also goes both
ways — note how Durov refers to “respectable American cryptographers
on HackerNews” with contempt, as contrasted with some guy who got his
hands dirty. Words are cheap.

All I see is snobbishness of people who have typical Western fear of
steering from “authorized” engineering approaches. The people are
quick to judge some unknown foreign developers incompetent, whereas,
for instance, a company like Google didn't even manage to properly fix
their Android security fiasco, for instance — they still ship the
garbage PRNG code, because apparently no one there can understand how
that code (which they copied as-is from another project without any
tests) works, or is integrated into anything. [1] Yet, Google products
(like chat) are often recommended as secure enough for activists.


Maxim Kammerer
Liberté Linux:

More information about the liberationtech mailing list