Dev.SN ♥ developers
Sections
Dev.SN
from the there-is-no-viable-alternative dept.
"A mere three days after Mark Zuckerberg announced Facebook's acquisition of Whatsapp, the popular smartphone messaging app suffered a major service outage that lasted three and a half hours. Left to their own devices, Whatsapp users worldwide went rushing to its rival apps, including secure chat provider Telegram. The surge in new users quickly turned into a tidal wave that brought Telegram's service to its knees:
The SMS gateways we use to send registration codes are overloaded and slow 100 SMS per second is too much. Trying to find a solution.
In its official twitter, Telegram announced that more than 1.8 million new users had joined on Saturday, Feb 22. Four hours later, it reported an additional 800 thousand.
Telegram's messaging service, which uses 256-bit symmetric AES encryption, RSA 2048 encryption and Diffie-Hellman secure key exchange, began enjoying a spike in popularity after Whatsapp's acquisition. Although it has released the source code for its java libraries and all its official clients, its server software is still closed source."
(Score: 3, Interesting) by tomtomtom on Sunday February 23 2014, @07:42PM
I'm not a cryptographer by any means but I do know enough to spot some of the red flags here - plain SHA1 with no key as a MAC, poor KDF, perhaps MAC and encrypt, using an obscure cipher mode, etc are design choices which are unusual and would need some better justification than the company has given (and that justification should have been there upfront); therefore what is clear to me is that whoever designed this protocol does not have enough experience in the crypto field to do it right.
The issues identified there may or may not create problems for people in the real world (especially if you accept the limitations of basically no MITM protection/authentication) but the red flags they raise are enough to convince me not to trust it any more than I would a system which sent messages in the clear via a third-party server (which given the third party here is less than I would trust SMS). Quite apart from the direct issues here, there may well be other implementation issues or flaws caused by inexperience.
This is quite apart from the biggest privacy issue (to my mind) with any of these types of service which is that they upload your entire phonebook to the operator's server, which then uses it to work out who else you know is on the network. Even TextSecure only partially solves this (through the use of Bloom filters). I suppose you could also delay the lookup until you try to message someone but that gives a worse user experience. Without a technical solution to that problem, you fall back to "how much do you trust the operator?". WhatsApp had built up a reputation of sorts of not selling/mining this data; Facebook is almost the polar opposite. Telegram was founded by a group who also founded a Facebook competitor which seems to be a bad start, and when you add on rumours about their closeness to the Russian government that's enough to convince me to stay well away and advise my friends to do the same.
Incidentally, if you do leave WhatsApp you should delete your account from the Settings dialogue, not just uninstall the app, otherwise they look more likely to retain your address book data and hand it on to Facebook. By deleting your account there's at least some chance they delete your addressbook (although I think their T&Cs/privacy policy wouldn't require it).