The Kaspersky antivirus company claimed today they found a “0-day vulnerability on Telegram for Windows”, which affected “1000 users before it was fixed”.
As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:
As always, reports from antivirus companies must be taken with a grain of salt, as they tend to exaggerate the severity of their findings to get publicity in mass media. Telegram Geeks, a community of Telegram fans, gave a good explanation of what it really was about:
Forwarded from Telegram Geeks
▶️ Our two cents:
Well, this is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a malicius file.
This kind of vulnerability is based on social engineering.
In fact, it was a .js file hidden on a a .png file, this happened thanks to RTL characters.
Windows users must click on the Run dialog in order to install the malware.
So don't worry, unless you opened a malicius file, you have always been safe.
ℹ️ @geeksChannel
Well, this is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a malicius file.
This kind of vulnerability is based on social engineering.
In fact, it was a .js file hidden on a a .png file, this happened thanks to RTL characters.
Windows users must click on the Run dialog in order to install the malware.
So don't worry, unless you opened a malicius file, you have always been safe.
ℹ️ @geeksChannel
Happy Valentine's Day! I see some good art in trending stickers, be sure to check it out.
This week, over 700,000 new users are signing up for Telegram each day. The annual user growth of Telegram surpassed 70% YoY in most markets.
With so many new people joining, not every user may have a clear understanding about what Telegram stands for.
That’s why when announcing the 200M milestone last week, I used the opportunity to write a bit about the values of Telegram and what drives us forward.
https://telegram.org/blog/200-million
With so many new people joining, not every user may have a clear understanding about what Telegram stands for.
That’s why when announcing the 200M milestone last week, I used the opportunity to write a bit about the values of Telegram and what drives us forward.
https://telegram.org/blog/200-million
Telegram
200,000,000 Monthly Active Users
Within the last 30 days, Telegram was used by 200 million people. This is an insane number by any standards. If Telegram were a country, it would have been the sixth largest country in the world.
Every service growing too fast is bound to experience growing pains; unfortunately, Telegram is no exception, although we strive to be one.
Many of our European users noticed connection issues earlier today. Those were caused by planned maintenance by our data center provider, which unfortunately lead to unplanned downtime. Thanks to Telegram’s distributed infrastructure, Americas and East Asia were not affected by the issues.
We sincerely apologize for the inconveniences this might have caused – we know tens of millions of Europeans rely on Telegram for communication with their colleagues and loved ones.
To make sure such disruptions don’t happen again, we have established a more direct and real-time communication between our engineers and the data center electricians, and, more importantly, started upgrading our power-related equipment to add even more redundancy.
Thank you for your support and patience during this time.
Many of our European users noticed connection issues earlier today. Those were caused by planned maintenance by our data center provider, which unfortunately lead to unplanned downtime. Thanks to Telegram’s distributed infrastructure, Americas and East Asia were not affected by the issues.
We sincerely apologize for the inconveniences this might have caused – we know tens of millions of Europeans rely on Telegram for communication with their colleagues and loved ones.
To make sure such disruptions don’t happen again, we have established a more direct and real-time communication between our engineers and the data center electricians, and, more importantly, started upgrading our power-related equipment to add even more redundancy.
Thank you for your support and patience during this time.
The power that local governments have over IT corporations is based on money. At any given moment, a government can crash their stocks by threatening to block revenue streams from its markets and thus force these companies to do strange things (remember how last year Apple moved iCloud servers to China).
At Telegram, we have the luxury of not caring about revenue streams or ad sales. Privacy is not for sale, and human rights should not be compromised out of fear or greed.
At Telegram, we have the luxury of not caring about revenue streams or ad sales. Privacy is not for sale, and human rights should not be compromised out of fear or greed.
For the last 24 hours Telegram has been under a ban by internet providers in Russia. The reason is our refusal to provide encryption keys to Russian security agencies. For us, this was an easy decision. We promised our users 100% privacy and would rather cease to exist than violate this promise.
Despite the ban, we haven’t seen a significant drop in user engagement so far, since Russians tend to bypass the ban with VPNs and proxies. We also have been relying on third-party cloud services to remain partly available for our users there.
Thank you for your support and loyalty, Russian users of Telegram. Thank you, Apple, Google, Amazon, Microsoft – for not taking part in political censorship.
Russia accounts for ~7% of the Telegram user base, and even if we lose that entire market, Telegram’s organic growth in other regions will compensate for this loss within a couple of months. However, it is important for me personally to make sure we do everything we can for our Russian users.
To support internet freedoms in Russia and elsewhere I started giving out bitcoin grants to individuals and companies who run socks5 proxies and VPN. I am happy to donate millions of dollars this year to this cause, and hope that other people will follow. I called this Digital Resistance – a decentralized movement standing for digital freedoms and progress globally.
Despite the ban, we haven’t seen a significant drop in user engagement so far, since Russians tend to bypass the ban with VPNs and proxies. We also have been relying on third-party cloud services to remain partly available for our users there.
Thank you for your support and loyalty, Russian users of Telegram. Thank you, Apple, Google, Amazon, Microsoft – for not taking part in political censorship.
Russia accounts for ~7% of the Telegram user base, and even if we lose that entire market, Telegram’s organic growth in other regions will compensate for this loss within a couple of months. However, it is important for me personally to make sure we do everything we can for our Russian users.
To support internet freedoms in Russia and elsewhere I started giving out bitcoin grants to individuals and companies who run socks5 proxies and VPN. I am happy to donate millions of dollars this year to this cause, and hope that other people will follow. I called this Digital Resistance – a decentralized movement standing for digital freedoms and progress globally.
For 7 days Russia has been trying to ban Telegram on its territory – with no luck so far. I’m thrilled we were able to survive under the most aggressive attempt of internet censorship in Russian history with almost 18 million IP addresses blocked.
If you live in Russia and support free internet, fly a paper plane from your window at 7 PM local time today. Please collect the airplanes in your neighborhood an hour later – remember, today is Earth Day.
My thanks to all the members of the #DigitalResistance movement. Keep up your great work setting up socks5-proxies and VPNs and spreading them among your Russian friends and relatives. They will be needed as the country descends into an era of full-scale internet censorship.
If you live in Russia and support free internet, fly a paper plane from your window at 7 PM local time today. Please collect the airplanes in your neighborhood an hour later – remember, today is Earth Day.
My thanks to all the members of the #DigitalResistance movement. Keep up your great work setting up socks5-proxies and VPNs and spreading them among your Russian friends and relatives. They will be needed as the country descends into an era of full-scale internet censorship.
This media is not supported in your browser
VIEW IN TELEGRAM
Thank you for the support, Russia! This could become a Sunday tradition. Please don’t forget to clean up ✈️👍🏽
Thank you, each and every one of the 12,000+ people who stood up to support the freedom of internet and Telegram today in central Moscow.
https://goo.gl/fEFtQb
https://goo.gl/fEFtQb
Unfortunately, some Telegram features, such as stickers, don’t work correctly under iOS 11.4 that was just released – even though we fixed this issue weeks ago.
Apple has been preventing Telegram from updating its iOS apps globally ever since the Russian authorities ordered Apple to remove Telegram from the App Store. Russia banned Telegram on its territory in April because we refused to provide decryption keys for all our users’ communications to Russia’s security agencies. We believe we did the only possible thing, preserving the right of our users to privacy in a troubled country.
Unfortunately, Apple didn’t side with us. While Russia makes up only 7% of Telegram’s userbase, Apple is restricting updates for all Telegram users around the world since mid-April. As a result, we’ve also been unable to fully comply with GDPR for our EU-users by the deadline of May 25, 2018. We are continuing our efforts to resolve the situation and will keep you updated.
Sorry for the inconvenience and thank you for your patience.
Apple has been preventing Telegram from updating its iOS apps globally ever since the Russian authorities ordered Apple to remove Telegram from the App Store. Russia banned Telegram on its territory in April because we refused to provide decryption keys for all our users’ communications to Russia’s security agencies. We believe we did the only possible thing, preserving the right of our users to privacy in a troubled country.
Unfortunately, Apple didn’t side with us. While Russia makes up only 7% of Telegram’s userbase, Apple is restricting updates for all Telegram users around the world since mid-April. As a result, we’ve also been unable to fully comply with GDPR for our EU-users by the deadline of May 25, 2018. We are continuing our efforts to resolve the situation and will keep you updated.
Sorry for the inconvenience and thank you for your patience.
🎉 Amazing news – Apple has just successfully reviewed our latest update for Telegram iOS, and we were able to ship a new version with long awaited fixes and improvements to the AppStore.
Thank you, Apple! 🍏
Thank you, Apple! 🍏
Although I normally don't watch football matches, I am very happy to hear France has won the World Cup ⚽
I am a big admirer of French culture, art, design, architecture, cuisine, history and language.
France is certain to play an even larger role in the world culture and economy in years to come 🇫🇷
I am a big admirer of French culture, art, design, architecture, cuisine, history and language.
France is certain to play an even larger role in the world culture and economy in years to come 🇫🇷
As you might have heard, for the last couple of years we’ve been quietly rebuilding Telegram for iOS from scratch with Swift – a programming language released by Apple as a faster alternative to Objective C.
The Swift version of Telegram looks exactly as the old one, but is faster, slicker and more battery-friendly than the good old Telegram (which was already great considering it outperformed other messaging apps in speed).
This new Telegram has been available for everyone to download under the name “Telegram X” since January. Thousands of users have been testing it and sharing their feedback with us, so thanks to them the app is now much more polished than a few months ago. While we are still putting some finishing touches on it, it seems that the new Telegram is ready to be shipped to every Telegram user on iOS.
That’s why within the next week or two we are planning to update the default Telegram iOS App with the Swift version. As a result, Telegram will become faster, slicker and more efficient. Since it will rely on an entirely new codebase, some minor bugs and glitches might occur, but we’ll make sure they are quickly – or should I say “swiftly” – fixed.
This change will make Telegram the most popular messaging app written fully in Swift. Some would say it’s a big risk, but I think somebody has to take such risks and be the first to implement new technologies, such as e2e encryption – or Swift.
The Swift version of Telegram looks exactly as the old one, but is faster, slicker and more battery-friendly than the good old Telegram (which was already great considering it outperformed other messaging apps in speed).
This new Telegram has been available for everyone to download under the name “Telegram X” since January. Thousands of users have been testing it and sharing their feedback with us, so thanks to them the app is now much more polished than a few months ago. While we are still putting some finishing touches on it, it seems that the new Telegram is ready to be shipped to every Telegram user on iOS.
That’s why within the next week or two we are planning to update the default Telegram iOS App with the Swift version. As a result, Telegram will become faster, slicker and more efficient. Since it will rely on an entirely new codebase, some minor bugs and glitches might occur, but we’ll make sure they are quickly – or should I say “swiftly” – fixed.
This change will make Telegram the most popular messaging app written fully in Swift. Some would say it’s a big risk, but I think somebody has to take such risks and be the first to implement new technologies, such as e2e encryption – or Swift.
Some tech media reported that the Telegram Desktop app wasn’t secure because it “leaked IP addresses” when used to accept a voice call.
The reality is much less sensational – Telegram Desktop was at least as secure as other encrypted VoIP apps even before we improved it by adding an option to disable peer-to-peer calls. As for Telegram calls on mobile, they were always more secure than the competition, because they had this setting since day one.
During a peer-to-peer (P2P) call, voice traffic flows directly from one participant of a call to the other without relying on an intermediary server. P2P routing allows to achieve higher quality calls with lower latency, so the current industry standard is to have P2P switched on by default.
However, there’s a catch: by definition, both devices participating in a P2P call have to know the IP addresses of each other. So if you make or accept a call, the person on the other side may in theory learn your IP address.
That’s why, unlike WhatsApp or Viber, Telegram always gave its users the ability to switch off P2P calls and relay them through a Telegram server. Moreover, in most countries we switched off P2P by default.
Telegram Desktop, which is used in less than 0.01% of Telegram calls, was the only platform where this setting was missing. Thanks to a researcher who pointed that out, we made the Telegram Desktop experience consistent with the rest of our apps.
However, it is important to put this into perspective and realize that this is about one Telegram app (Telegram Desktop) being somewhat less secure than other Telegram apps (e.g. Telegram for iOS or Android). If you compare Telegram with other popular messaging services out there, unfortunately, they are not even close to our standards.
Using the terminology from the flashy headlines, WhatsApp, Viber and the rest have been “leaking your IP address” in 100% of calls. They are still doing this, and you can't opt out. The only way to stop this is to have all your friends switch to Telegram.
The reality is much less sensational – Telegram Desktop was at least as secure as other encrypted VoIP apps even before we improved it by adding an option to disable peer-to-peer calls. As for Telegram calls on mobile, they were always more secure than the competition, because they had this setting since day one.
During a peer-to-peer (P2P) call, voice traffic flows directly from one participant of a call to the other without relying on an intermediary server. P2P routing allows to achieve higher quality calls with lower latency, so the current industry standard is to have P2P switched on by default.
However, there’s a catch: by definition, both devices participating in a P2P call have to know the IP addresses of each other. So if you make or accept a call, the person on the other side may in theory learn your IP address.
That’s why, unlike WhatsApp or Viber, Telegram always gave its users the ability to switch off P2P calls and relay them through a Telegram server. Moreover, in most countries we switched off P2P by default.
Telegram Desktop, which is used in less than 0.01% of Telegram calls, was the only platform where this setting was missing. Thanks to a researcher who pointed that out, we made the Telegram Desktop experience consistent with the rest of our apps.
However, it is important to put this into perspective and realize that this is about one Telegram app (Telegram Desktop) being somewhat less secure than other Telegram apps (e.g. Telegram for iOS or Android). If you compare Telegram with other popular messaging services out there, unfortunately, they are not even close to our standards.
Using the terminology from the flashy headlines, WhatsApp, Viber and the rest have been “leaking your IP address” in 100% of calls. They are still doing this, and you can't opt out. The only way to stop this is to have all your friends switch to Telegram.
Last week at Telegram was intense – we’ve been busy polishing the rough spots in our new iOS app and fighting connection issues with little time left for sleep. Yet, there’s no other company in the world I would rather work at. At Telegram, we have the rare freedom to do what our users expect us to do, standing up for their interests.
The recent exodus of WhatsApp founders is a good example of what you end up with if you sell your company. You can earn some money, but you lose something much more valuable – your integrity and the ability to continue improving the lives of hundreds of millions of people.
Last week, it became known that WhatsApp has had a backdoor for years – anybody you had a video call with could potentially read all your messages. Even if there are no more backdoors left (which seems unlikely), WhatsApp has other flaws which make most of the messages sent via the app accessible to third parties.
In the long run, promises given by corporations like Facebook just don't materialize, because these corporations prioritize maximizing profits over serving their users. And that’s what makes Telegram so different – the only thing that will ever matter to us is your interests.
The recent exodus of WhatsApp founders is a good example of what you end up with if you sell your company. You can earn some money, but you lose something much more valuable – your integrity and the ability to continue improving the lives of hundreds of millions of people.
Last week, it became known that WhatsApp has had a backdoor for years – anybody you had a video call with could potentially read all your messages. Even if there are no more backdoors left (which seems unlikely), WhatsApp has other flaws which make most of the messages sent via the app accessible to third parties.
In the long run, promises given by corporations like Facebook just don't materialize, because these corporations prioritize maximizing profits over serving their users. And that’s what makes Telegram so different – the only thing that will ever matter to us is your interests.