Telegram is still leaking user IP addresses to contacts | TechCrunch
techcrunch.com
A security researcher has created a tool that allows someone to find out the IP address of a Telegram contact just by calling them.
  • TheGrandNagus@lemmy.worldEnglish
    347·
    9 months ago

    The same Telegram that gets widely criticised by security experts but still purports itself to be secure and private? Say it ain’t so!

    • ink@r.nfEnglish
      510·
      8 months ago

      P2P calls are inherently more privacy friendly, dumbass. look it up. Guess what protocol Briar uses?

      Eating that shit up without an ounce of knowledge on the subject.

      • TheGrandNagus@lemmy.worldEnglish
        94·
        8 months ago

        You seem angry.

        Telegram doesn’t even have E2E encryption for all chats lmao. But even for those that are, the algorithm they use isn’t the best, it’s had several vulnerabilities in the past.

        (They used to use SHA-1, which was laughably obsolete, they updated this a little while ago, but since then vulnerabilities have still been found)

        Your messages get stored in the cloud and their server infrastructure is closed source.

        After the Ukraine war began, Telegram also agreed to send user data to Russian authorities when requested for it.

        There’s also the fact that prior to the previous elections, Telegram deleted pro-opposition channels, defending it by saying “if we didn’t we’d be blocked in Russia again” - tough shit. Then Russia can block it ffs

        Telegram is not secure.

        • akrot@lemmy.worldEnglish
          82·
          8 months ago

          but since then vulnerabilities have still been found

          After the war began, Telegram also agreed to send user data to Russian authorities when requested for it.

          Do you have sources?

      • Possibly linux@lemmy.zipEnglish
        1·
        8 months ago

        That’s not very nice of you to call this person a dumbass. It is totally uncalled for and very rude

  • silent_squirrel@feddit.deEnglish
    13·
    9 months ago

    Doesn’t this affect Signal too? There is a setting under “Privacy -> Advanced” called “Always relay calls”, which routes calls through Signal servers to prevent IP leaks (and can decrease call quality)… This setting is disabled by default

  • Andy@programming.devEnglish
    8·
    8 months ago

    TLDR: It happens (by default) for calls between you and someone in your contacts list, because it’s a p2p connection. It can be avoided by disabling p2p calls.

    The reason Telegram leaks a user’s IP addresses during a call is that, by default, Telegram uses a peer-to-peer connection between callers “for better quality and reduced latency,” Telegram spokesperson Remi Vaughn told TechCrunch.

    “The downside of this is that it necessitates that both sides know the IP address of the other (since it is a direct connection). Unlike on other messengers, calls from those who are not your contact list will be routed through Telegram’s servers to obscure that,” Vaughn said.

    To avoid leaking your IP address, you have to go to Telegram’s Settings > Privacy and Security > Calls, and then select “Never” in the Peer-to-Peer menu, as shown below.

  • Blaze@discuss.tchncs.deEnglish
    62·
    9 months ago

    They also started banning people quite agressively without possibly to appeal.

    The platform seems to be going downhill