People who think telegram is doing dubious things with encryption and security: are there any good write-ups of the critiques that respond to https://core.telegram.org/techfaq ?
I want to know whether people have specifically responded to the technical details they have given. For example, they talk about why certain algorithms are secure in the context in which they are used. They might be wrong, but it's nuanced.
-
-
yeah, they did not answer directly, even with PoC showing that you could read Telegram messages within the same local network. follow this link: https://security.stackexchange.com/questions/49782/is-telegram-secure … It basically says the same we discussed before and looks like it is being updated (last update dec/17).
-
These comments in all places seem 90% rhetoric, 10% moment-in-time papers/analyses from years ago. I want the analysis without the rhetoric. Anything that spends words on "non standard crypto" and berating people for even considering it is not analysis.
-
-
If cryptographers spent time doing in depth analysis of every crank encryption app out there, they'd never have time to get anything done. It's valid to dissmiss them for the same reason physics professors don't give in-depth refutals for perpetual motion machines.
-
Ok, so this is the stuff I'm talking about. There are a small handful of popular chat apps in the world, and Telegram's encryption is not analogous to a perpetual motion machine. It's more like a nuclear reactor that works but some experts worry doesn't follow best practices.
-
Yes, it would be really bad if people messed it up, but calling it a "crank encryption algorithm" is simply wrong and devalues the argument people are making. Do experts think that https://core.telegram.org/techfaq#q-i-39m-a-security-expert-and-i-think-your-protocol-is-not-secur … this contest is a fraud? $300k is pretty good...
-
I haven't seen the 2nd round before, but yes, experts *absolutely* believed the contest was a fraud. It's a setup that sounds good to non cryptographers but is meaningless in actuality.
-
Is there a post somewhere where an expert offers suggestions to change the contest to be more acceptable?
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.