For years, the ex-NSA (National Security Agency) whistleblower Edward Snowden has been raising awareness about so-called secure messaging applications or programs and publically criticised apps like Skype, Google Allo, and Telegram.
In fact, NSA documents leaked by him showed how Microsoft handed over plain text Skype chats of users to the agency. But today, citing the tense situation in Iran, the whistleblower has posted a series of tweets explaining why Telegram Messenger app is unsafe and it can be secured with little effort.
In his first tweet, Snowden wondered why an app like Telegram has unsafe and censorable public channels when it claims to provide secure messenger service. According to Telegram FAQ page, “Channels are a tool for broadcasting public messages to large audiences.”
Many don’t seem to understand why I object to @Telegram having unsafe, censorable public channels in an app that is promoted as a secure messenger. Some presumed I just don’t understand how channels work. So let’s talk about it:
— Edward Snowden (@Snowden) December 30, 2017
He then gave a brief background of Telegram in Iran due to the sudden political unrest and protests against the government and how the authorities can use Telegram app to track user conversations for political advantages since Iran has more than 40 million people using the app.
Background: @Telegram has a special position in Iran. Its “public channels” are an important source of news for many low-tech users. Competing services are often blocked, but Telegram makes concessions to avoid this (like setting up local CDNs https://t.co/Lnec1oemsw ).
— Edward Snowden (@Snowden) December 30, 2017
Earlier today, Telegram shut down a channel that called for “violent protests” against the Iranian government. It happened after Mohammad-Javad Azari Jahromi, Iranian telecommunications minister, tweeted Pavel Durov, the CEO, and founder of Telegram.
Calls for violence are prohibited by the Telegram rules. If confirmed, we'll have to block such a channel, regardless of its size and political affiliation.
— Pavel Durov (@durov) December 30, 2017
And then came the suspension order from the CEO:
A Telegram channel (amadnews) started to instruct their subscribers to use Molotov cocktails against police and got suspended due to our “no calls for violence” rule. Be careful – there are lines one shouldn’t cross. Similar case from October – https://t.co/OWQFBLywjr
— Pavel Durov (@durov) December 30, 2017
Snowden, on the other hand, highlighted the fact that due to its public channels the company will face pressure from the Iranian government. The latest example of it is the suspension of “amadnews” Telegram channel.
On the other, it means @Telegram will face increasing pressure over time to collaborate with the Iranian government’s demands for this or that. Today we saw the communications minister demand a big channel be shut down. And here’s where we start getting into complexity.
— Edward Snowden (@Snowden) December 30, 2017
Should Telegram shut one Iranian channel down to preserve access to all the others? Most would say “of course.” It’s more important to keep that tether to their ecosystem alive, right? They’re in something close to a monopoly position, where the fallback for many is unsafe SMS.
— Edward Snowden (@Snowden) December 30, 2017
Snowden then tweeted to Durov and reminded him of what happened when he was forced from Russia for not doing enough favors at Vkontakte (VK), a Russian-based online social media and social networking service founded by Durov.
If we presume @Durov is acting morally, this might sound like an argument for Telegram to do whatever they can to keep their Iranian presence alive. But this is unsustainable, which he should know: after all, he was forced from Russia for not doing enough favors at Vkontakte.
— Edward Snowden (@Snowden) December 30, 2017
He also advised Telegram to come up with features that may help the people by keeping the service accessible “even after the block” by authoritarian regimes. Moreover, Snowden questioned why Telegram still encourages “dangerous cloud messaging instead of secret chats.”
You can’t keep an independent, destabilizing service from being blocked in authoritarian regimes, you can only delay it. So you need to be thinking about how to continuing protecting people by making the service accessible *even after the block.*
— Edward Snowden (@Snowden) December 30, 2017
And this is where we start getting to my core concerns. @Telegram has for years faced criticisms about the basic structure of its security by prominent cryptographers and technologists. Many defenses rely upon unbroken trust in a central authority (the company). “Trust us.”
— Edward Snowden (@Snowden) December 30, 2017
We’ve seen some improvements, and that’s not nothing. But not the revolutionary rework it needs. Telegram still seems to encourage dangerous cloud messaging instead of secret chats. Experts ask “why?” And the answer is “convenience.” That’s unsafe.
— Edward Snowden (@Snowden) December 30, 2017
Snowden advised Durov to convert all Iranian Telegram users accounts to 2FA (Two Factor Authentication) and teach them how to use Tor bridges. According to Tor Project, bridges relays are Tor relays that are not listed in the main Tor directory. Since there is no complete public list of them, even if user ISP is filtering connections to all the known Tor relays, they probably will not be able to block all the bridges.
Governments are becoming more abusive, not less, on the internet, especially in places like Iran, China, and Russia. @Durov said @Telegram has 25,000,000 daily users in Iran. He could be converting them all to 2FA. He could be teaching them how to use Tor bridges. I hope he will.
— Edward Snowden (@Snowden) December 30, 2017
To read all the tweets posted by Snowden click here.
Remember, Snowden is a big fan of encrypted messaging app Signal and advises his followers to use Signal. In fact, in one of his tweets, he mentioned using Signal app every day. The only issue with Signal app is that it asks users to submit their phone numbers while signing up. However, there are some steps you can follow to sign up for Signal without giving out your phone number.
I use Signal every day. #notesforFBI (Spoiler: they already know) https://t.co/KNy0xppsN0
— Edward Snowden (@Snowden) November 2, 2015
Also, earlier this month, Snowden teamed up with a group of privacy advocates and released an app called Haven that can turn user laptop into a security system and protect their privacy in real time.
Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.
