If you’re using an Android device—or in some cases an iPhone—the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it.
The problem stems from a feature called People Nearby. By default, it’s turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region.
Independent researcher Ahmed Hassan, however, has shown how the feature can be abused to divulge exactly where you are. Using readily available software and a rooted Android device, he’s able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user’s precise location.
Telegram lets users create local groups within a geographical area. Hassan said that scammers often spoof their location to crash such groups and then peddle fake bitcoin investments, hacking tools, stolen social security numbers, and other scams.
“Most users don’t understand they are sharing their location, and perhaps their home address,” Hassan wrote in an email. “If a female used that feature to chat with a local group, she can be stalked by unwanted users.”
A proof-of-concept video the researcher sent to Telegram showed how he could discern the address of a People Nearby user when he used a free GPS spoofing app to make his phone report just three different locations. He then drew a circle around each of the three locations with a radius of the distance reported by Telegram. The user’s precise location was where all three intersected.
People Nearby poses the biggest threat to people using Android devices, since they report a user’s location with enough granularity to make Hassan’s attack work.
And “Signal: Cellebrite claimed to have ‘cracked’ chat app’s encryption”, link to article from BBC:
Israeli security firm Cellebrite has claimed that it can decrypt messages from Signal’s highly secure chat and voice-call app, boasting that it could disrupt communications from “gang members, drug dealers and even protesters”.
The firm has a series of products, including the UFED (Universal Foresenic Extraction Device) – a system that allows authorities to unlock and access the data on suspects’ phones.
Cellebrite provided a technical explanation of how it found a decryption key that allowed it to access the messages that Signal stores its database. It then described how it searched Signal’s open-source code for clues as to how to breach the database.
“We finally found what we were looking for,” it writes, with a full explanation of how it did it, which has since been deleted.
Its claim suggested that it could “crack” Signal’s encryption on Android phones to decrypt messages and attachments, but did not mention Apple devices.
In response to people questioning Cellebrite’s claims, the creator of Signal – Moxie Marlinspike – dismissed the idea that the app had been compromised.
“This was an article about ‘advanced techniques’ Cellebrite used to decode a Signal message on an unlocked Android device,” he tweeted.
“They could have also just opened the app to look at the messages.
“The whole article read like amateur hour, which is I assume why they removed it.”
John Scott-Railton, a senior researcher at Citizen Lab, an internet watchdog based at the University of Toronto, moved to reassure users that Signal “remains one of the most secure and private ways to communicate”.
“If they are worried about their chats being extracted from a confiscated device, they can enable disappearing messages,” he added.
The messaging app is endorsed by whistleblower Edward Snowden, who claims to use it “every day”.
On its website, it says that it uses state-of-the-art, end-to-end encryption to keep all conversations secure.
Now, when it comes to encrypted end-to-end communications, I have always stuck to the gold standard of the OTR protocol (Off-the-Record) – now in OTRv4 with lead developer Sofia Celi (a highly informative 44 minute talk by her about OTRv4 is available on Youtube here).
OTR is specifically designed for deniable authentication (messages cannot be tied to specific identities due to lack of digital signatures) and forward secrecy (in additional to optionally the Socialist Millionaire’s Protocol for protection against Man-in-the-Middle attacks). Also, each message is signed with a different newly generated key, which makes the whole scheme impossible to penetrate in terms of cryptography / cryptanalysis (not even rubber-hose cryptanalysis, as it is known in some old school KGB Russian handbooks). It is the protocol to use for whistleblowers and organizations like Wikileaks and OCCRP, among others (as well as, of course, various types of criminals, scammers, etc.)
Rubberhose cryptanalysis illustrated in practice. Source: XKCD
Why this is relevant is because Signal’s own protocol is a modified version of OTR itself (+ SCIMR) – and it has also been recommended for use by security expert gurus like Bruce Schneier and Edward Snowden himself. However, what the above reminds us is that the issue lies elsewhere, rather in the hardware of mobile devices itself, which haven’t been designed with security in mind and are generally notoriously vulnerable, not to mention that some ~70% of the energy they waste goes for sending whatever personal data various running applications can suck and siphon in thousand different directions.
Personally, I would recommend people something like Pidgin coupled with the OTR plugin (pidgin-otr) for secure end-to-end communications across a wide range of protocols (that Pidgin supports – from XMPP and IRC, to ICQ, Skype and more). Just make sure to not save/remember your login password, as in the past Pidgin used to store it somewhere in plaintext (probably not any more, since that was ages ago, but just in case). And that does not apply to you only if you’re planning on toppling governments, distributing illegal drugs or dealing in kiddie porn – personal privacy has become a massive issue due to wholly different reasons, as chillingly described in depth and detail in Prof. Zuboff’s book on the topic “Surveillance Capitalism”. For-profit companies and large tech corporations deal in human behavioral prediction products they construct from the wealth of data they gather, which they then sell off on markets dealing in human futures (speaking of financialization of everything).
And along those lines, it is also advisable to be more conservative in how much one tends to loosen his assumptions on these issues – for example, do not assume your crypto-asset portfolios are by default safe. This goes for third-party custodial services and exchanges as well as wallets. There is no bug-less software, and what we’re talking about here falls in the category of things that should be considered mission critical. In that respect, I personally really like Monero, Tezos and Cardano, in that their cryptographic schemes (Monero’s) are professionally designed with specific purpose and end-goal, while Tezos and Cardano build on functional-type languages, which are particularly suited for exactly mission critical systems, and are particularly popular lately within the financial sector/world (for their speed, efficiency and reliability, which combined with maximal optimization as close to bare metal and shortening of distance – in the end, financial capitalism is really dealing in nano-seconds of time, not so much money…. goes on to show you how time really is money).
Oh, and as for Telegram itself – crypto community’s favorite messenger – I’ve always been dubious of it, as it uses proprietary cryptography, is not open source, and its Desktop version does not even support encrypted messages and VoIP. That just to begin with (though I agree, it is slick and easy design-wise). So, I don’t know how anybody who has properly done his own research would have ever invested in their massively and unrealistically ambitious TON (was it that what they called it?) cryptocurrency project – which, despite its ambition as described in the initial paper – doesn’t really contain anything original idea-wise that hasn’t already been suggested or proposed (or even already worked on, research and development-wise). It seems to me that the Durov brothers have a personal vendetta against the Russian government and/or oligarchs who “stole” their VK platform (the Russian Facebook) and thought they could exploit the hype in the heat of the moment when the insane unregulated pumpathon was taking place.
So yeah, people. Watch your steps. It’s a jungle out there. And cyberwar and cybercrime is just one component of the ongoing World War.
Cheers from Cambodia (and any further donations and tips due to my somewhat problematic predicament here would be most welcomed, to try begging politely with some dignity here…)