Durov's Channel
527K members
21 photos
1 video
42 links
Thoughts from the product manager of Telegram.
Download Telegram
to view and join the conversation
If you haven’t read it yet, here’s the full story about the US agencies’ attempts to infiltrate Telegram last year: https://thebaffler.com/salvos/the-crypto-keepers-levine

It tells how the FBI tried to influence me and bribe our engineer in May 2016 to make Telegram less secure. Luckily, since neither of us are US citizens, we could afford to refuse their offers and I was able to tell the public about these attempts. If we were American citizens, the FBI would have likely tried to silence us using a legal procedure called a "gag order" – when the US authorities can not only demand that you do something (like plant a backdoor into your app), but also prohibit you from telling the public about it (otherwise you can end up in jail).

That whole story made me ask myself this question: if our team experienced such pressure during just one week’s trip to America, what kind of pressure are US-based tech companies facing every day? How can a privacy oriented company permanently operate from America? We can hope that the open US legal system would defend them, but due to the secrecy of these “gag orders” we would never even know if things went wrong. And unfortunately, Edward Snowden’s revelations confirm some of the worst fears.

The article also provides facts that confirm something that I always feared could be true – that some of the famous and most vocal US-based influencers within the cryptography world are sponsored by the US government to push the agenda of its agencies. Some past cases are widely known (like NSA infiltrating RSA), but it looks like the level of collaboration between US agencies and these influential “privacy advocates” is much deeper.

All of this makes protecting privacy really hard, particularly considering the fact that Google and Apple – the two companies which we are dependent on for mobile operating systems – are based in the US. I don't see any easy recipe or solution to fix this. I wish one day huge companies like Apple and Google can become independent of any government that can distort the mission of their founders (maybe start their own countries?).

Until then, I’ll continue doing my part building Telegram and protecting our users, even if that will require speaking out under gag orders. I know this can probably get me into trouble some day, as it did in the past when I was living in Russia. But this is the only way I can imagine myself going forward, so I don't have and won’t have any regrets. It’s all worth it because of you guys – the millions of users who entrusted their private data to Telegram.
On the September 13th Connection Issues

Yesterday Telegram experienced something extraordinary. At 17:45 UTC there was an immense spike in user activity on Telegram that exceeded our peak load by 5 times.

Telegram is different from most other internet services in that we use a distributed server infrastructure, so peak loads cannot make the whole of Telegram go down. However, if one of the Telegram clusters is severely affected, a part of our users can experience difficulties sending and receiving messages.

This is exactly what happened yesterday. Due to the spike, one of the Telegram server clusters went down in part and approximately 15% of the users who were online at the time experienced connection issues from 17:45 to 18:10. The issues were partially fixed at 18:10, but about 11% of online users could still face slow or no performance until 19:00 when the problem was permanently fixed.

The regions that were most affected are Germany, Iraq and the CIS – most notably, Uzbekistan, Russia, Ukraine, Kazakhstan and Belarus. We briefly commented on the situation via Twitter, but I’d like to tell more extensively about it here.

1. First of all, we are extremely sorry for the inconvenience this has caused. The cluster that went down hasn’t had any issues for a few years now, so I can imagine the shock of the users affected by yesterday’s downtime. We understand that you use Telegram constantly for work and leisure, and that we must be online 100% of the time. We take yesterday’s issues very seriously.

2. Secondly, to make sure this doesn’t happen again, we identified the cause of the problem and have eliminated the bottlenecks in our infrastructure that caused the downtime. We think that x5 peak load spikes won’t be a problem any longer. We've also set up a plan to be able to cope with x20 load spikes (however unlikely the x20 scenario may seem) before the end of 2017.

While unfortunately no one can completely rule out the chance of another downtime some time in the future (there’s always a slight probability of some unexpected Black Swan event), I can assure you that we at Telegram are working hard at taking this chance to the lowest in the industry.

We strive to be the winner in every aspect including availability. So far the Telegram uptime stats look good compared to other major communication services – also because Telegram can never go down entirely around the world. But we are not satisfied with just that, and our work continues.

Thanks for your attention, and again – apologizes to anyone who was affected.
Why I Can't Visit Iran and Russia

Today, Iran joined the list of countries I can't travel to – Tehran's prosecutor just filed criminal charges against me there. More than 40 million people use Telegram in Iran and we've never blocked a single political channel and gave up exactly zero bytes of data to the government (in Iran and elsewhere).

Russia, where we have about 10 million users, is also rushing to join Iran in filing charges against the Telegram management. They seem to be unhappy because we won't comply with the unconstitutional "Yarovaya laws" and won't give them the encryption keys they wanted. I always publish such demands online, and did the same today with the documents that the FSB has been sending to our London office in the past weeks.

Because of my parents, not being able to visit Russia on occasion is more painful for me than never going to Iran. But Mom and Dad are not too old to travel and the globe is still pretty big.
Disruptions, China and Principles

Our Asian users may have noticed two nasty disruptions in our service in the past week. The Singapore data center we’re using has been causing trouble due to a faulty UPS system. Power losses are something that is never supposed to happen in a data center, so at some point I even thought that this could have been an act of sabotage.

Most likely though, it was “just” a major hardware malfunction. The faulty UPS (Uninterruptible Power Sources) are being replaced by the data center staff as I’m typing this. I hope this will make things right as the absence of power supply is one of the few things we can’t fix by ourselves.

Asia is obviously a huge market for Telegram. However, as you may remember, Telegram has been blocked in China – the continent’s largest market – since 2015, when the Chinese human rights activists started using Telegram to communicate.

We didn’t try to get unblocked there by negotiating with the Chinese authorities. It’s pretty obvious that the Chinese government's desire for total control over its population is incompatible with our values. However, Telegram is still available through VPN services, and recently more Chinese users started to join Telegram after their local app WeChat got compromised –

https://www.bloomberg.com/news/articles/2017-09-15/china-s-wechat-crackdown-drives-bitcoin-devotees-to-telegram

For us this is just another indication that sticking to your principles makes more sense than yielding to pressure. In the long run, compromise based on lies and violations of rights gets you nowhere.
Why Charges Against Us in Iran And Russia Don’t Matter

Some users ask me how the charges in Iran and Russia will affect Telegram and me personally. The simple answer to this is: they won’t.

It’s easy for me not to travel to Iran – while the country has a rich history and sounds like a fun place, I have no connections with it and can live with that travel ban. It’s a bit more noticeable in case of Russia since I am an ethnic Russian (although with a St. Kitts passport), and my parents live there. Not being able to occasionally drop by is not great, but a small price to pay considering the matters at stake.

Luckily, we don’t have any legal presence in any of these countries. The last remaining link between Telegram and Russia was cut in July, when we terminated our contract with “Telegraf” – a Saint-Petersburg-based company to which we outsourced fighting spam coming from (surprise) Russia and Iran.

“Telegraf” used to play a larger role in the early days of Telegram when I was living in Russia, losing its importance after I left in 2014 with our core team.

Following the events this June when the Russian authorities threatened to block Telegram, “Telegraf” lost its outsourcing contract from Telegram Messenger, let go all of its employees and changed its owner. By September when the Russian authorities started sending warnings to our London office, they had nobody to target in their jurisdiction, not even Russian spam moderators.

This story highlights something local regulators often tend to ignore: it’s 2017, and the world is open and connected. If you pass archaic laws that limit freedoms, all you’ll end up doing is killing your own economy. In the last few years, Google, Oracle and Microsoft (Skype) shut down their development offices in Russia, and many smaller companies followed suit.

While the state of affairs in Iran doesn't look much brighter than in Russia, things seem to be going in the right direction there compared with the situation a few years ago. I’m not an expert on Iran, but one thing about the country is clear to me: despite the continuing debate among the Iranian politicians on how to regulate the Internet, Iran is not blocking Telegram, and for the last few years 40 millions Iranians have been able to securely communicate and to get news from independent sources through Telegram channels. Instagram and WhatsApp are also accessible there.

For any European this would sound like the norm, but unfortunately it’s not always like this in the world. The Chinese and the North Koreans, for example, are far less lucky when it comes to such freedoms, and Saudi Arabia had been throttling Telegram’s traffic until recently. The situation in Iran itself used to be very different: almost all major internet services were blocked in the country several years ago (some of them still are).

Don’t get me wrong: there are probably many things that Iran can change for the better (a more IT-friendly prosecutor of Tehran, perhaps?), but overall it seems that the country is moving in the right direction by becoming more open and market-driven.

I hope that one day Iran and Russia get to a point when we (and other IT companies) will be able to set up offices there. Until then, we’ll continue providing secure messaging to users in these markets from places that respect freedom.

We don't care if specific countries press charges against us for defending the privacy of our users. We are always ready to cut all our personal and business links to such places so that they don't have any leverage on us. They can try to block us on their territory, but, as I've shown in my previous post about China, even this won't always help them. Eventually freedom and privacy will prevail, and those who would like to get back to the 1930s will find themselves on the wrong side of history.
An epic Telegram update is coming today. Along with some cool new features such as Live Locations and the new Music Player, Telegram 4.4's UI supports many more languages that you’ve been asking us to add, namely French (I’m still excited that “stickers” are in fact “autocollants”), Indonesian, Malay, Russian, Ukrainian and – very soon – Persian.

As someone who majored in linguistics, I know there are thousands of small details that are easy to miss when you translate things into other languages.

That’s why we’re launching the Telegram Localization Platform today – it allows our users to suggest and vote for translations of phrases found in the Telegram UI. Unlike other apps, we can instantly push fixes for the localized versions of Telegram from the server-side, without forcing our users to update the whole app for a few changes in wording.

So if you’re unhappy about how a specific word in the Telegram UI was translated into your language, go ahead and suggest an alternative at translations.telegram.org. If the new version you suggested outvotes the currently applied one (and a Telegram admin approves it), your change will instantly go live for millions of users.
In other – more personal – news, I’ve turned 33 today.

Earlier I shared some info about how I stay healthy and productive. In short, there are 7 things I never do:

1) Alcohol
2) Meat (fish is OK though)
3) Any kinds of pills and meds (unless I’m at a dentist’s)
4) Nicotine and other addictive drugs.
5) Coffee, black and green tea, energy drinks (I drink herbal teas instead).
6) Fast food, sugar, carbonated soft drinks.
7) TV and its alternatives.

At certain points in life, I realized these things decrease productivity and clarity of thought. So I’ve been living without them for many years now and in general have been feeling great and healthy.

Disclaimer: I do not recommend folks with permanent health issues to stop taking medication. While I’m happy with my habits and lifestyle, I’ve no idea whether the same would work for you. I guess it should, provided you’re young and healthy. But if you’re young and healthy, there are good chances that having fun is more important for you than increasing your productivity, so you may safely ignore these tips. However, if you enjoy building stuff more than consuming it, you might benefit from abstaining from these 7 items above.
You already know Telegram has your back when it comes to privacy. Another human right we feel passionately about is the freedom of speech. In some countries Telegram is the only popular platform for independent sources of information. Take Iran for example, where the BBC is blocked, but its @bbcpersian channel has been active for years and attracted almost a million followers. There are thousands of large Telegram channels that are critical of their governments.

Telegram has never yielded to pressure from officials who wanted us to perform political censorship. Freedom of speech is one of the values we’ve been defending for the last 11 years, first in Russia, and then globally.

Of course, there are rules that admins of Telegram channels should respect, for example, Telegram ToS prohibit publicly promoting violence in any form. This is why this October alone we have blocked over 8,500 channels related to terrorism (more stats in @isiswatch).

Another recent example of a line one shouldn’t cross is an Iranian channel that started to urge its members to throw stones into the windows of public buildings and vehicles (schools, temples, buses) and film it. We got in touch with the channel admins and asked them to stop this vandalism contest; not only did they ignore us, but launched another creepy competition urging their 100K+ users to burn mosques by throwing Molotov cocktails into them and film it. As a result, we were left with no other options but to block their channel.

For us, the line is pretty straightforward. Criticizing local authorities, challenging the status quo and engaging in political debate are OK. Meanwhile, promoting violence and calling for actions that can harm innocent people are not OK. This is a rule of thumb we’re always applying when moderating public channels.
Happy Winter Solstice! May your wishes come true 🌟
Happy New Year, everyone! 🎉
I hope you enjoyed the Telegram product updates this December. Stay tuned – we are going to make 3 big announcements in January.

On a less joyful note, Iranian authorities started blocking Telegram in Iran today after we publicly refused to shut down channels of peaceful Iranian protesters, such as @sedaiemardom.

We are proud that Telegram is used by thousands of massive opposition channels all over the world. We consider freedom of speech an undeniable human right, and would rather get blocked in a country by its authorities than limit peaceful expression of alternative opinions.

When it comes to freedom of speech, Telegram is as unrestricted as a mobile app can get. In 2015, after Apple and Google reached out to us in the aftermath of the Paris attacks, we added the simplest Terms of Service theoretically possible in an app: no calls for violence, no porn and no copyright infringement on public broadcast channels.

Since then, Telegram has been blocking hundreds of violent public channels daily (including those reported in @isiswatch), making sure our rules are applied equally and fairly to all players, regardless of their size and political affiliation.

Yesterday we had to suspend @amadnews, a public channel that started calling its subscribers to use Molotov cocktails and firearms against police. The admins of the channel reached out to us after the fact, apologizing for breaking our rules and pledging not to promote violence in the future. As a result, they have been able to reassemble most of their subscribers (800,000) in a new peaceful channel, which we welcomed.

Obviously, our neutrality and refusal to take sides in such conflicts can create powerful enemies. Iranian officials have filed criminal charges against me back in September for letting Telegram spread “uncensored news” and “extremist propaganda”. Today they imposed a block on Telegram – not clear whether permanent or temporary.

And yet, doing the right thing is more important than trying to avoid having enemies. We’re extremely lucky to have been able to consistently apply our principles in 2017. We will continue doing it in 2018 – and beyond.
The Kaspersky antivirus company claimed today they found a “0-day vulnerability on Telegram for Windows”, which affected “1000 users before it was fixed”.

As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:
Forwarded from Telegram Geeks
▶️ Our two cents:

Well, this is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a malicius file.

This kind of vulnerability is based on social engineering.

In fact, it was a .js file hidden on a a .png file, this happened thanks to RTL characters.

Windows users must click on the Run dialog in order to install the malware.

So don't worry, unless you opened a malicius file, you have always been safe.

ℹ️ @geeksChannel
Happy Valentine's Day! I see some good art in trending stickers, be sure to check it out.
This media is not supported in your browser
VIEW IN TELEGRAM
This week, over 700,000 new users are signing up for Telegram each day. The annual user growth of Telegram surpassed 70% YoY in most markets.

With so many new people joining, not every user may have a clear understanding about what Telegram stands for.

That’s why when announcing the 200M milestone last week, I used the opportunity to write a bit about the values of Telegram and what drives us forward.

https://telegram.org/blog/200-million
Every service growing too fast is bound to experience growing pains; unfortunately, Telegram is no exception, although we strive to be one.

Many of our European users noticed connection issues earlier today. Those were caused by planned maintenance by our data center provider, which unfortunately lead to unplanned downtime. Thanks to Telegram’s distributed infrastructure, Americas and East Asia were not affected by the issues.

We sincerely apologize for the inconveniences this might have caused – we know tens of millions of Europeans rely on Telegram for communication with their colleagues and loved ones.

To make sure such disruptions don’t happen again, we have established a more direct and real-time communication between our engineers and the data center electricians, and, more importantly, started upgrading our power-related equipment to add even more redundancy.

Thank you for your support and patience during this time.
The power that local governments have over IT corporations is based on money. At any given moment, a government can crash their stocks by threatening to block revenue streams from its markets and thus force these companies to do strange things (remember how last year Apple moved iCloud servers to China).

At Telegram, we have the luxury of not caring about revenue streams or ad sales. Privacy is not for sale, and human rights should not be compromised out of fear or greed.
For the last 24 hours Telegram has been under a ban by internet providers in Russia. The reason is our refusal to provide encryption keys to Russian security agencies. For us, this was an easy decision. We promised our users 100% privacy and would rather cease to exist than violate this promise.

Despite the ban, we haven’t seen a significant drop in user engagement so far, since Russians tend to bypass the ban with VPNs and proxies. We also have been relying on third-party cloud services to remain partly available for our users there.

Thank you for your support and loyalty, Russian users of Telegram. Thank you, Apple, Google, Amazon, Microsoft – for not taking part in political censorship.

Russia accounts for ~7% of the Telegram user base, and even if we lose that entire market, Telegram’s organic growth in other regions will compensate for this loss within a couple of months. However, it is important for me personally to make sure we do everything we can for our Russian users.

To support internet freedoms in Russia and elsewhere I started giving out bitcoin grants to individuals and companies who run socks5 proxies and VPN. I am happy to donate millions of dollars this year to this cause, and hope that other people will follow. I called this Digital Resistance – a decentralized movement standing for digital freedoms and progress globally.
This media is not supported in your browser
VIEW IN TELEGRAM
For 7 days Russia has been trying to ban Telegram on its territory – with no luck so far. I’m thrilled we were able to survive under the most aggressive attempt of internet censorship in Russian history with almost 18 million IP addresses blocked.

If you live in Russia and support free internet, fly a paper plane from your window at 7 PM local time today. Please collect the airplanes in your neighborhood an hour later – remember, today is Earth Day.

My thanks to all the members of the #DigitalResistance movement. Keep up your great work setting up socks5-proxies and VPNs and spreading them among your Russian friends and relatives. They will be needed as the country descends into an era of full-scale internet censorship.