Tuesday 25 June 2024

Experts Sound Alarm Over Telegram’s ’30 Engineers’

Experts are weighing in and sounding the alarm over Telegram founder Pavel Durov’s boast that the company only has “about 30 engineers.”

According to TechCrunch, Durov made the revelation in an interview with Tucker Carlson. As the outlet noted, Durov was bragging about his company being “super efficient,” but experts didn’t agree with his assessment.

Between being based in Dubai, and only have 30 engineers in a field that is a ripe target for bad actors, experts say Durov’s revelation is a major concern.

“Without end-to-end encryption, huge numbers of vulnerable targets, and servers located in the UAE? Seems like that would be a security nightmare,” Matthew Green, a cryptography expert at Johns Hopkins University, told TechCrunch.

Unlike Signal and WhatsApp, Telegram does not use end-to-end encryption (E2EE) by default, requiring users to manually opt-in.

“What makes Telegram different (and much worse!) is that Telegram is not just a messaging app, it is also a social media platform. As a social media platform, it is sitting on an enormous amount of user data. Indeed, it is sitting on the contents of all communications that are not one-on-one messages that have been specifically [end-to-end] encrypted,” Eva Galperin, cybersecurity director at the Electronic Frontier Foundation, told TechCrunch. “‘Thirty engineers’ means that there is no one to fight legal requests, there is no infrastructure for dealing with abuse and content moderation issues.”

“And I would even argue that the quality of those 30 engineers isn’t that great,” Galperin added. “Also, if I was a threat actor, I would definitely consider this to be encouraging news. Every attacker loves a profoundly understaffed and overworked opponent.”

Telegram has had questions raised about its security for years, with critics slamming its lack of default E2EE. What’s more, the arrest of Russian protesters relying on Telegram has cast doubt on whether the app’s encryption algorithms are truly secure.

Given the app’s history, it’s easy to understand why experts are so concerned about its mere 30 engineers.



from WebProNews https://ift.tt/yu9HeD6

No comments:

Post a Comment