Telegram might be an unencrypted treasure trove of data and Pavel Durov might just be a geopolitical pawn
The following is a guest post by Kadan Stadelmann, CTO of Komodo Blockchain.
Pavel Durov, the CEO of Telegram, was arrested this week after a four-day interrogation related–publicly at least–to the existence of illegal activity on his app, including child pornography.
The ensuing media frenzy painted Telegram as an almost esoteric, privacy-centered app, which is not true. The coverage has given the world a false impression of what Telegram is and how it works.
The confusion, and a lack of answers, raises more questions since Durov’s arrest.
Could there be more to this story than a standard criminal investigation as French President Emanuel Macron assures.
Telegram Not What It’s Reported To Be
Telegram must have great public relations because they have been plastered all over the news as an “encrypted messaging app.” The problem? The app does not offer end-to-end encryption by default. Instead, it must be manually activated through the “Secret Chats” feature for every single private conversation. Further, encryption is only available for one-on-one conversations, not for group chats.
Telegram hides its encryption behind several clicks, a hidden menu, and finally a “Confirm” pop-up that asks the user if they really, really truly, truly want to enable Telegram’s encryption. Moreover, in order to encrypt the conversation, the other party must be online when you activate Telegram’s encryption, which is based on proprietary code that raises red flags with auditors. Such a process likely deters would-be encryptors. Industry-standard encryption would require merely opening up a new chat window.
“…[T]he vast majority of one-on-one Telegram conversations — and literally every single group chat — are probably visible on Telegram’s servers, which can see and record the content of all messages sent between users,” writes cryptographer Mathew Green. “…Telegram knows its encryption is difficult to turn on, and they continue to promote their product as a secure messenger.”
Rather than improve Telegram’s end-to-end encryption offering, Durov takes shots at competitor Signal, claiming it has ties to the US government.
“Indeed, it no longer feels amusing to see the Telegram organization urge people away from default-encrypted messengers, while refusing to implement essential features that would widely encrypt their own users’ messages,” writes Green. “In fact, it’s starting to feel a bit malicious.”
Telegram does not only fall short of modern encryption standards. The impression that Telegram does not comply with authority demands is erroneous, as well. Spiegel Online reported in 2022 that Telegram provided the German Federal Criminal Police Office (BKA) with access to users’ personal data in cases of child abuse and terrorism, while the app denied having done so.
Furthermore, Telegram blocked 64 channels whose content the government viewed as “extremist” after threats from German interior minister, Nancy Faeser, to block the Telegram messenger in Germany.
In October 2023, Telegram restricted access to channels associated with or operated by Hamas after scrutiny in the wake of the October 7 attacks on Israel.
In short, Telegram hides its encryption capabilities, while it hides behind a reputation of radical privacy. At least in the past, it has answered authorities’ requests. Has that policy changed or does it only answer certain governments?
Russia Cozies Up To Telegram, West Sees Opportunity
At least one government is comfortable with Telegram. After two years and a failure to stop the app’s use within its borders, Russia lifted its ban on Telegram in 2018. Communications watchdog Roskomnadzor said the ban was lifted because Durov was prepared to cooperate in combating terrorism and extremism on Telegram.
Today Telegram is trusted enough by the Russian government to be used by the Russian military for battlefield communications. Russia is likely fearful that Durov could agree to work with the French and NATO in exchange for his freedom, compromising Russia’s battlefield operations.
This past week, Russian Foreign Minister Sergey Lavrov confirmed this fear, alleging that “Durov was clearly taken away on someone’s advice and is being threatened with terrible punishment, apparently hoping to somehow gain access to encryption codes.”
Has Durov truly been caught up as a political pawn in a geopolitical game? He advertises his app as encrypted and idealistic all while providing subpar encryption standards and secretly working with governments behind the scenes similar to other Big Tech apps–at least up until October 2023, that is.
The main question at this point, it would seem, is which government does Telegram now serve?
Mentioned in this article