Never miss a story

Get subscribed to our newsletter


×
The messaging app Telegram is displayed on a smartphone, July 15, 2017. VOA

By Nishant Arora

So you have decided to open a Telegram account in the wake of the WhatsApp-NSO group spyware incident that affected 1,400 select users globally, including some in India. Some of you may even be attempting to join the chat app Signal for that elusive security that, unfortunately, was never there in the first place.


Take this seriously: Encryption is fundamentally flawed and once hackers get to know any vulnerability or bug in the app security ecosystem, including the mobile operating system, your personal data is at their mercy.

When you joined WhatsApp, end-to-end encryption was there and yet, a third-party spyware, Pegasus, found a backdoor entry to snoop on you. Now, you are looking to take shelter in other so-called secure chat apps.

Facebook-owned WhatsApp is the leader among chat apps having 1.5 billion global users with 400 million of them in India. Russia-headquartered Telegram has 200 million users globally, while Signal has more than 10 million (according to Google Play Store downloads). Both Telegram and Signal record a spike in users whenever there is a security breach or global outage with WhatsApp.

Unlike WhatsApp and Apple iMessage, Telegram conversations aren’t encrypted end-to-end by default. Instead, you have to select the “Secret Chat” feature for an extra layer of security. But even that does not ensure a safety net.

A recent research paper from Massachusetts Institute of Technology (MIT) listed striking flaws in Telegram — founded in 2013 by brothers Nikolai and Pavel Durov. Telegram uses its own proprietary messaging protocol called “MTProto”, which lacks scrutiny from outside cryptographers.

Telegram follows a conventional approach of using a Cloud storage for its data.

“This means that if an adversary is able to gain control of their server system, they will have access to (at least) unencrypted messages and definitely to all the metadata,” wrote MIT researchers Hayk Saribekyan and Akaki Margvelashvili.

Telegram initially asks for the contact list from the phone/desktop and stores them in their servers.

“This provides huge social network information for them that can either be attacked on their servers or can be possibly sold to different authorities without users’ consent,” the researchers added.


Signal, on the other hand, has garnered support from many influential privacy advocates. Pixabay

The truth is: There will always be loopholes for governments, nation-state bad actors or individual hackers to snoop on you.

“Viruses like Pegasus affect the operating system of the mobile phone and the security provided by these messaging apps is rendered ineffective,” said Virag Gupta, a lawyer who is arguing the case in Supreme Court for data localisation in India.

“Apart from the government, privacy is threatened by private Internet companies and apps, even though they claim the data is encrypted,” Gupta told IANS.

Pegasus has been designed by Israel-based NSO Group to intercept communications sent to and from a device, “including communications over iMessage, Skype, Telegram, WeChat, Facebook Messenger, WhatsApp and others”.

According to MIT researchers, even while using the “Secret Chat” to communicate, Telegram’s mobile application makes it possible for the third parties to observe the metadata information.

“For example, adversaries can learn when users go online or offline with down-to-the-second accuracy. Telegram does not require agreement from both parties to set up the communication between them. For this reason, an attacker might connect to the user and they will receive the metadata information without the user knowing anything about this,” the MIT team elaborated.

According to leading tech policy and media consultant Prasanto K. Roy, when WhatsApp discovered the Pegasus attack, it quickly fixed the vulnerability, informed users whom it could trace the hack to, informed the relevant governments and initiated legal proceedings against the spyware’s creators in the US federal court.

“Unlike WhatsApp/Facebook, competitors Signal or Telegram are unlikely to have the resources to do any or all of these in response to a bug. At the most, they’d fix the bug,” Roy told IANS.

Are the existing alternatives like Telegram and Signal any better?


Silhouettes of mobile users are seen next to logos of social media apps Signal, Whatsapp and Telegram projected on a screen in this picture illustration. VOA

“They are not necessarily better. Yes, hackers and governments may pay less attention to Telegram and Signal because of their smaller base. And Signal is open-source, so techies can check the code for vulnerabilities and fixes.

“But there is a lot of value to a company tackling the issue and reporting it to users and governments promptly and transparently, as WhatsApp did,” Roy noted.

According to Anoop Mishra, one of India’s leading social media experts, as long as third-party players are out there, chat apps will remain at risk, be it Signal or Telegram.

Also Read: Apple Card Under Probe for Sex Discrimination in Credit Limits

“This is an era of information war and whosoever has the information — personal or otherwise — is at the risk of losing it. End-to-end encryption does not work, if there are vulnerabilities in the operating system,” Mishra told IANS.

Roy added: “Barring privacy-conscious activists, I do not expect to see a big exodus from WhatsApp, at least not for this reason.”

Next time when Telegram or Signal are hacked for whatever reason, which chat app do you have on your mind? (IANS)


Popular

IANS

The Centre will launch a pilot project on the use of indigenously manufactured drones for delivering medicines in the undulating landscape of Jammu and surrounding areas from Saturday

The Centre will launch a pilot project on the use of indigenously manufactured drones for delivering medicines in the undulating landscape of Jammu and surrounding areas from Saturday with a focus on vaccines delivery initially. "This is going to be a pilot project for the area. The drone is developed and manufactured entirely by our scientists," Union Minister for Science & Technology, Dr Jitendra Singh told mediapersons. Singh said he himself will be launching the project at Jammu.

The drone is developed by the scientists at Bengaluru's National Aerospace Laboratories (NAL), a constituent of Council of Scientific and Industrial Research (CSIR), an autonomous Society that is headed by the Prime Minister. For now, the delivery would be limited to Covid vaccines and once successful, it would be expanded to be used for regular delivery of medicines in the remote, hilly areas.

drone flying in sky The drone is developed by the scientists at Bengaluru's National Aerospace Laboratories (NAL). | Photo by Jason Blackeye on Unsplash

Keep Reading Show less
IANS

According to him Amitabh Bachchan is a great actor in the industry.

Bollywood actor Abhishek Bachchan shares how he feels when people compare him with his father Amitabh Bachchan on the singing reality show 'Sa Re Ga Ma Pa'. He also requests contestant Rajshree Bag to sing a track 'Bahon Mein Chale Aao' featuring his mother Jaya Bachchan.

Abhishek said after looking at the performance of Rajshree, who is often compared with Lata Mangeshkar on the show, that she reminds him of being compared with his father. "Rajshree, whenever I have got the chance to watch the show, I've seen people compare you to Lata didi. It actually reminded me about how people compare me with my father and ask me how I feel about it."

According to him Amitabh Bachchan is a great actor in the industry and this is what he says to everyone making these comparisons. "My answer to them is that there's no greater actor in this film industry than Amitabh Bachchan and if I'm being compared to him, I am sure I must have done something good."

"Similarly, your voice has a different kind of magic like Lata ji and that's why people are comparing your voice with her. I feel you should always take this as a compliment," he concluded. 'Sa Re Ga Ma Pa' airs on Saturday and Sunday on Zee TV. (IANS/ MBI)


Keep Reading Show less
Photo by Aaron Burden on Unsplash

Winters in India have always beckoned for that hot, steaming bowl of tomato and pepper rasam or the mellow, millet based Raab.

By IANSlife

Winters in India have always beckoned for that hot, steaming bowl of tomato and pepper rasam or the mellow, millet based Raab. Certain dishes like sarson ka saag, undhiyu, nimona pulao are winter specialites in the country. Seasonal food has always been an Indian speciality -- we switch our choice in fruits, vegetables, sometimes even grains with the onset of different season. The preference of using specific ingredients during certain climates is visible in our sweets as well. It's common to find local and traditional delicacies made of jaggery, instead of sugar during the winters. Case in point -- the Nolen Gur Rasgulla, a speciality made in Odisha and West Bengal between November to February.

Sarson Ka Saag | Sarson ka saag is traditional Punjabi dish Certain dishes like sarson ka saag, undhiyu, nimona pulao are winter specialites in the country. | Flickr

Keep reading... Show less