Apple Blog

First Major Security Hole Detected in Telegram

Telegram was very well received at the time of its launch, as the app included some features that were missing from other instant messaging applications, but above all, it was declared a secure service. This is an indirect reference to the many security issues that WhatsApp has faced in recent times. But as we know, all that glitters is not gold, and Telegram has just shown that it also has its weaknesses .

One of the great myths that must be dispelled before going into detail about the security hole discovered is that Telegram is not a free or ” open source ” application, but ” semi-open-source “. What does this mean? Simple, the client part is open source, but everything about the server part is processed through an API from which the code has not been released.

First Major Security Hole Detected in Telegram
First Major Security Hole Detected in Telegram

It is therefore not completely free, since the part in which the ” security factor ” intervenes decisively is not available to anyone beyond the owners of Telegram themselves. It is in this part, in the authentication between the client and the server , that a vulnerability has just been discovered that could affect the data of millions of users.

The problem lies mostly in the fact that the server does not verify the legitimacy of Telegram’s public keys , so a hacker or external attacker could take over a user’s account with relative ease, accessing their conversations, histories, images, etc…

The Telegram server does not verify the legitimacy of its public keys in the user authentication process

This is a serious security flaw that could have compromised millions of accounts worldwide, but fortunately the researchers who discovered it have been keeping the study secret for a few months . On March 11, they submitted the full report to Telegram and the company has just made the security breach public.

As reported in RedesZone, everything points to an oversight by the developers, although this makes us rethink the unbeatable security of the service they sold us in the beginning. Is Telegram more secure than WhatsApp? For the moment it has proved not to be, we will see how the application progresses in future versions.

Do you still use Telegram? Do you consider it safer than WhatsApp?

Similar Posts