How to “hack” Telegram
or The Rise of Crypto Bullshit Bingo
We at Telegram love being notified about security-related issues. We believe being open source and having crypto contests helps us provide a better service. That’s why we reward people when they share ideas that allow us to make Telegram more secure.
Last month we paid $5000 to a guy who found a potential vulnerability in Telegram for Android, and this month we’ve transferred $2500 to HackApp for pointing out weak spots in our iOS code. The most valuable input so far came in December 2013 from a person who found an issue in the MTProto design, so we awarded him $100,000. Whenever a potential vulnerability is found, we are the first to admit it — and fix it.
Unfortunately, every activity attracts its parasites. With Telegram’s popularity soaring, some people attempt to promote themselves or their products by attacking Telegram on false grounds.
If I had root access…
Last month we received a letter saying that “assuming an intruder had root access to a user’s Android phone, Telegram messages were not secure”.
Naturally, this hardly warranted a response: if an intruder somehow gained root access to your device, there’s no point in discussing any other layer of security — the intruder is already the GOD of your phone and can see everything you see on the screen of your device — and much more. Claiming to find “assuming root access” vulnerabilities is like saying that God Almighty can theoretically (in addition to destroying and creating worlds at a whim) pick a lock of a particular Swiss brand. So this lock is not secure!
While this sounds like a bad joke to any security expert, it didn’t stop our correspondent, who turned out to be the founder/owner/CEO/CTO of a company called Zimperium, from publishing a blog post with a clickbait title “How I hacked Telegram’s ‘encryption’”.
How I “hacked” Telegram’s encryption
The post claimed that since an attacker with root access can read the device’s disk and memory, Telegram messages should not be stored unencrypted in phone memory — and we should encrypt them. The obvious paradox of this “solution” is that the encryption key will be also stored somewhere on the device (otherwise you wouldn’t be able to render messages on the screen).
So while the idea might sound reasonable to a non-specialist, it can in no way defend one from attackers that already have access to memory and disk on the device. Basically the advice was to encrypt something for the sake of encryption and create an illusion of safety in a “game over” root environment, just to consume a bit more CPU and battery power.
The post concluded with a sales pitch on the benefits of Zimperium software for Android (whose authors live in a world where 98.4% of Android devices can be hacked by school kids).
Flagged as bullshit
Of course, respectable media ignored this camouflaged marketing initiative — after some research and fact checking, big newspapers like Forbes had a good laugh. The reaction of the crypto community to Zimperium’s sales pitch was summarized by Eva Galperin, a technologist and analyst for the Electronic Frontier Foundation:
“If you tell me that you can break encryption by compromising the endpoint you haven’t really broken encryption at all. It’s like haha! I can get into your house with the key! Gotcha!”
“For people outside the InfoSec community: there is no Telegram “hack”. Pure smoke. I might not like Telegram, but it’s not been broken.”
HackerNews subscribers expressed a rare unanimity:
“This is clickbait unfortunately, his attacks require root access on the device.” (eugeneionesco)
“End-to-end encryption does nothing when an adversary controls one of the ends. I’d say this guy is trying a little too hard to promote his “Zimperim Mobile Security” brand here…” (moe)
“…this isn’t really a vulnerability. It’s “if you completely control the device that is sending/receiving encrypted messages, you can read the messages.” There’s literally no way to defend against this attack.” (IshKebab)
“Yeah…it doesn’t feel like a true vulnerability…feels like just padding the “vulnerability” counter” (theonewolf)
“…isn’t getting root on the devices basically a game over? The suggestions the author hard to encrypt the stuff in memory and on disk would just add a extra step for the attacker to find the key?” (treeform)
“The attack vector wasn’t even through the Telegram application but depending on if you get access to disk or memory.” (dustyfresh)
Reaction on Reddit was even more straightforward:
Post should be flagged as “bullshit” (BearsDontStack)
I like “hacks” with steps to reproduce like the following:
1) Hack the entire gibson and get root / admin
2) … this could be literally anything …
3) See!? The app mentioned in #2 is utter bullshit! (scrowl)
Given that the blog post published by Zimperium was a botched marketing trick that was rebuffed unanimously by the industry, we decided we didn’t need to make any specific announcement about this “hack”-hoax.
Bullshit bingo at work
But even if you can’t exploit security bugs, you can still exploit media naïveté and public fears. While security experts and big media predictably dismissed the claim, some smaller newspapers and blogs did buy it. Here are some of the most intriguing titles:
“Encryption in Telegram Messenger Is Completely Broken
Vendor doesn’t reply to responsible vulnerability disclosure” (Softpedia)
“Telegram encryption undermined, ‘no better than SSL’
Mobile app Telegram’s end-to-end encryption security credentials are questioned after researcher accesses plain-text messages.” (SC Magazine)
“Telegram cross-platform messaging flaws allow hackers to bypass encryption and access user messages
Is Telegram secure? not any more!” (TechWorm)
There are many more articles like these, published mainly by small local sites that don’t do fact checking or research. Despite our willingness to reply over e-mail or Twitter and comment on the issue, few of them bothered to get the bigger picture. Zimperium was careful not to show any comments under their original post (although there is an input field for comments designed to create the illusion of an opportunity to reply), so for an unsophisticated reader their article full of buzz-words looks really frightening. As a result, the Zimperium post got about 5K of likes on Facebook and over 3K retweets.
In a world where security firms are shifting their focus from research to marketing, all of us should be wary: the media needs more fact-checking, startups like Telegram need more proactive PR and the public needs to be more careful about the motives behind the reports. Otherwise we’ll be constantly held hostage by businesses that feed on our fears.