Remarkable investigation into Telegram by IStories (in Russian):
istories.media/stories/2025/06…

English version by OCCRP:
occrp.org/en/investigation/tel…

tl;dr:

👉 Telegram uses a single company with ties to the Russian FSB as their sole infrastructure provider, globally.

👉 Combined with a cleartext device identifier Telegram's protocol requires to be prepended to all encrypted messages, this allows for global surveillance of Telegram users.

I am quoted in this story.

#Telegram #InfoSec #Privacy

in reply to Michał "rysiek" Woźniak · 🇺🇦

As part of the investigation, I have looked closely at Telegram's protocol and analyzed packet captures provided by IStories.

I have also done some packet captures of my own.

I dive into the nitty-gritty technical details of what I found and how I found it on my blog:

Telegram is indistinguishable from an FSB honeypot
rys.io/en/179.html

Yes, my packet captures and a small Python library I wrote in the process are all published alongside it.

#Telegram #InfoSec #Privacy #Surveillance #Russia

in reply to Michał "rysiek" Woźniak · 🇺🇦

Telegram has responded to IStories' piece:

> All Telegram servers are Telegram’s property maintained by Telegram employees. Unauthorized access is not possible. Telegram has neither employees nor servers in Russia. In the entire history of Telegram, it has never handed over private messages to third parties, and its encryption has never been hacked
vot-tak.tv/87198696/fsb-chitae…

This answers exactly zero of the crucial points raised by the story. :blobcateyes:

Let's dissect it! 🔍

🧵

#Telegram #FSB

in reply to Michał "rysiek" Woźniak · 🇺🇦

> All Telegram servers are Telegram’s property maintained by Telegram employees.

👉 First: the story is not about the servers, it's about whose infrastructure the traffic flows through.

👉 Secondly: Vedeneev, the Russian owner of the infrastructure provider GNM used by Telegram, had signed documents as Telegram's CFO (would that qualify as "employee"?), and presented himself in Florida court as the person authorized to handle Telegram's servers.

🧵

#Telegram #FSB

in reply to Michał "rysiek" Woźniak · 🇺🇦

> Unauthorized access is not possible.

Unauthorized access to… what exactly? To the servers, which the story is not about? To data on the servers, which again, the story is not about?

Or do they mean the traffic? Because if they mean the traffic here, then GNM's access to it, as the networking provider, would be totally authorized after all.

So, either they are talking about something irrelevant (servers), or they make a statement that looks good but does not actually contradict the story.

🧵

in reply to Michał "rysiek" Woźniak · 🇺🇦

> Telegram has neither employees nor servers in Russia.

There we go with the servers again!

Regarding employees – okay, so was Vedeneev a contractor? In the story he himself says that the arrangement was "informal".

Telegram tries to pull a "Schrödinger's Vedeneev" here. He's an "employee" when handling the hardware in Florida, but not an "employee" in Russia? I guess?

Regardless, all that is beside the point, which is: traffic analysis and cleartext device identifier.

🧵

#Telegram

in reply to Michał "rysiek" Woźniak · 🇺🇦

> In the entire history of Telegram, it has never handed over private messages to third parties

🚨 Sneaky use of "private messages"!

Remember, Telegram has end-to-end encrypted "Secret Chats", which almost nobody uses; and then it has "Cloud Chats" for everything else.

They decided to add "private" here, as if "less private" non-Secret-Chat messages had been provided to third parties? .. :blobcateyes:

Yes, there are indications of just that if you're wondering:
wired.com/story/the-kremlin-ha…

🧵

in reply to Michał "rysiek" Woźniak · 🇺🇦

> and its encryption has never been hacked

Ignoring dumb use of the h-word (🙄), Telegram encryption – specifically, the v1 of their homegrown MTProto protocol – had been shown to contain "a most backdoor-looking bug" some people have ever seen:
words.filippo.io/dispatches/te…

This has since been fixed, and MTProto 2 has been rolled out. But it still smells funny to a lot of cryptographers.

More importantly though: the story is not about breaking Telegram's encryption.

Another red herring!

🧵