|Developers:||Telegram Messenger LLP|
|Date of the premiere of the system:||2014/07/21|
|Last Release Date:||2019/11/29|
|Technology:||IP telephony, Office applications|
For the beginning of 2019 most of users of Telegram live in Iran, Malaysia and Uzbekistan.
2018: Daily and monthly audience
Main article: Enciphering in Telegram
The only difference of the messenger from other analogs is the aspiration to resist to the Russian security services due to failure to provide encryption keys for access to correspondence of users.
The head of Roskomnadzor Zharov began to use Telegram
At the end of December, 2019 it became known that Alexander Zharov began to use Telegram. As you know, Roskomnadzor which it heads was an initiator of blocking of the messenger. Read more here.
Illegal access to correspondence contents on IOS and Android devices
On November 29, 2019 the company Group-IB announced a number of the incidents connected with receiving illegal access to correspondence contents to Telegram on devices iOS and Android at clients of different operators cellular communication. In all cases on devices of victims the only factor of authorization were SMS. The danger is that thus malefactors can get access and to others to messengers to social networks to e-mail, to different services or to applications of mobile banking where for authorization only SMS are used.
According to the company, at the end of 2019 several Russian entrepreneurs who faced a problem of unauthorized access of unknown to their correspondence in the Telegram messenger addressed to department of investigations of cybercrimes of Group-IB. Incidents occurred on IOS and Android devices irrespective of what client of the federal cellular operator was the victim.
The attack began with the fact that the message from service channel Telegram came to the Telegram messenger to the user (it is an official channel of the messenger with a blue tick of verification) with a confirmation code which the user did not request. After that on the smartphone of the victim SMS with an activation code fell — and practically at once the notification that in the account the input from other device was made came to service channel Telegram.
In all cases of which Group-IB is known malefactors came into someone else's account on the mobile Internet (possibly, disposable sim cards were used), and the IP address attacking in most cases was in Samara.
Specialists of Group-IB emphasize, in Telegram all necessary options of cyber security which will nullify efforts attacking are already implemented, however not everyone uses them.
| ||I recommend to set as soon as possible in Telegram an additional factor of authorization in the form of the password, in addition to obligatory SMS, important to make it to everyone. Further it is necessary to check also other applications and also services which use SMS messages for authorization as the main or second factor or for recovery of the password to e-mail, social networks, access to applications of mobile banking, for delivery of one-time passwords.|| |
Group-IB warns that the similar attack can be successful only if in the Telegram settings on the smartphone the option "Cloud Password" or "Two step verification" are not activated. For this reason on IOS and Android devices for Telegram it is necessary to turn into the Telegram settings, to select the Confidentiality tab and to appoint "The cloud password \Two-step check" or "Two step verification".
Experts of Group-IB add that it is desirable not to set the e-mail address for recovery of this password as, as a rule, recovery of the password to e-mail happens through SMS too.
The research of Laboratory of computer criminalistics Group-IB where electronic devices of victims were transferred, showed that the equipment was not infected with the espionage malware or a bank trojan, accounts are not cracked, substitutions of the SIM card was not made. In all cases malefactors got access to the messenger of the victim using the SMS codes received at an input in the account from other device.
This procedure looks as follows: at activation of the messenger on other device, Telegram sends the code via the service channel to all devices of the user, and then already (on demand) on phone the SMS message leaves. Knowing about it, malefactors initiate a request for sending by the SMS messenger with an activation code, intercept this SMS and use the received code for successful authorization in the messenger.
Thus, attacking get illegal access to all current chats, except confidential and also to the history of correspondence in these chats, including to files and photos which were sent to them. Having detected it, the legal user of Telegram can compulsorily complete the malefactor's session. Thanks to the implemented mechanism of protection of the return cannot occur, the malefactor cannot complete older sessions of this user within 24 hours. Therefore it is important to detect a foreign session in time and to complete it not to lose access to the account. Specialists of Group-IB sent the notification to the Telegram command about the research situations.
Studying of incidents continues, and for November, 2019 is definitely not set what scheme was used for a bypass of a factor of SMS. At different times researchers gave examples of interception of SMS using attacks on the SS7 or Diameter protocols used in mobile networks. Theoretically similar attacks can be implemented with illegal use of special technical means or the insider in cellular operators. In particular, at hacker forums in the Darknet fresh declarations with offers of cracking of different messengers, including Telegram.
| ||Specialists in the different countries including in Russia, repeatedly said that social networks, mobile banking and messengers it is possible to crack using vulnerability in SS7 protocol, however it were isolated cases of the purposeful attacks or pilot studies. In a series of incidents which for November, 2019 more than 10, desire attacking to deliver this method of earnings on a flow is obvious. In order that it did not occur, it is necessary to increase own level of digital hygiene: at least to use multi-factor authorization everywhere, where perhaps, and to add an obligatory second factor to SMS that is functionally put in the same Telegram.|
Sergey Lupanin, the head of department of investigations of cybercrimes of Group-IB told
Vice: Telegram is the safe environment for the right extremists
In October, 2019 the Vice edition accuses Telegram of creation of the safe environment for white nationalists. It analyzed over 150 (mainly English-language) far right channels and found out that about a third from them were created since the beginning of 2019.
Besides, writes Vice, the rhetoric such Telegram channels begins to be radicalized. For example, many of them began to profess philosophy according to which it is possible to construct a new white civilization only having resorted to violence and having undermined social stability. Many far-right channels actively began instructions for production of self-made bombs, concealments of weapon and preparation for mass firing will extend.
In confirmation of the arguments Vice provides statistics according to which in 2018 50 people died from hands of white nationalists in the USA that is 35% more, than the previous year. At the same time far-right groups, according to the edition, arise also after loud acts of terrorism. For example, after firing in Christchurch (the terrorist attack which happened in New Zealand on March 15, 2019 then died 51 persons and 49 were wounded) 22 new radical telegrams channels appeared.
Possibly, Telegram attracts nationalists with the fact that using the messenger they can exchange an unlimited number photo, video and audiomaterials. And it is the most popular instruments of extremist promotion, Vice specifies. To other useful features of the messenger, the edition carries a possibility of mutual reposts and creation of the closed chats.
Because of the policy Telegram becomes a shelter of the radicals expelled from other platforms, poditozhivat Vice. It cites as an example forum 8chan which quietly exists in Telegram even in spite of the fact that all other Internet companies blocked it after at once several terrorists opened fire, previously having published the manifestos on this platform.
Pavel Durov did not begin to talk to Vice.
Edward Snowden does not recommend to officials to use WhatsApp and Telegram
On September 16, 2019 Edward Snowden warned the high-ranking officials against use of WhatsApp and Telegram. According to the former employee of the National Security Agency (NSA), these messengers are unsafe. Read more here.
Roskomnadzor distributed to operators the equipment for blocking of Telegram
In the middle of September, 2019 it became known that Roskomnadzor distributed to telecommunication operators the equipment for blocking of Telegram and other Internet resources banned in the Russian Federation. About it the Reuters agency was told two sources in a telecom.
According to one of them, will pass test in Tyumen on real users. According to the results of tests which will last until the end of September, 2019, it is going to understand how devices what failures are, etc. work.
The new equipment for blocking was made by "РДП.ру". 15% of this company belong to Rostelecom. In March, 2019 it was reported that the solution "РДП.ру" on blocking of the prohibited resources was recognized the most effective during laboratory experiment.
Representatives of telecom operators refused comments. Roskomnadzor did not respond to the request of the agency. In "РДП.ру" said that do not know where passes test.
Earlier in 2019 the head of Roskomnadzor Alexander Zharov in an interview of RIA Novosti reported that Roskomnadzor works on new instruments of complete blocking Telegram. He noted that he will be able to set the price and characteristics of the equipment in October.
By September of the 2019th the messenger is still available to users in spite of the fact that Roskomnadzor blocks Telegram by a court decision because of failure of the messenger to transfer encryption keys in FSB.
On November 1, 2019 will become effective the law on "ensuring safe and steady functioning" of the Internet in the territory of Russia. The law obliges operators to install on the networks technical means which will limit access to the resources prohibited in the territory of the Russian Federation. Their number includes filtering system of traffic of DPI (Deep Packet Inspection). Probably will pass test of the equipment for blocking of resources in Tyumen within this law.
Function of complete concealment of the phone number
On September 5, 2019 in Telegram there was an opportunity to hide the phone number. For gaining access to this function it is necessary to update the application to the latest version and to select from privacy settings who can see the phone number: anyone, only contacts or anybody.
Earlier when choosing an option "not show anybody my number", phone of the user remained is available to those who saved it in the contacts, regardless of privacy settings. Now it is possible to hide phone numbers completely.
The messenger released update against the background of concern of protesters in Hong Kong. Protesters who use group chats, consider that the authorities could use the general base of phones, add number to the list and find them in protest chats. And this defect was eliminated by developers of service. Though it was necessary to make it for a long time, the ex-director of the special directions of the Telegram messenger Anton Rosenberg considers.
| ||Groups in Telegram are even more often used for communication of users who are exposed to oppression. We consider that all people have the right to express the opinion and to communicate in a private order, says Telegram.|| |
Besides, the postponed sending messages was added to the updated application, it is more than animated emoji and also an opportunity to create own subjects of a design and to share them. Now it is possible to add up to 200 thousand participants to the public Telegram groups.
Earlier it was announced development of Telegram of new privacy settings with the purpose to protect protesters in Hong Kong. So updating of the messenger will allow to prevent the authorities to define participants of group chats of the application. The founder of Telegram Pavel Durov also accused the Chinese authorities of DDoS attacks on the messenger during protests in Hong Kong.
Telegram issues to security officers of participants of meetings and protests
The Telegram messenger can issue to the third parties phone numbers of users without them on that consent. The gap in a security system of popular service was detected in the summer of 2019 by software developers from Hong Kong.
According to specialists, the hole detected by them can be used by the authorities and intelligence agencies for collecting of phone numbers of those who participate in meetings and actions a protest. The ZDNet resource writes that personal data of those who participate in protests in Hong Kong can be in this way calculated and coordinate the actions via Telegram.
How it works
Malefactors can circumvent privacy settings in the messenger in which it is possible to hide visibility of the phone number. It works even if to hide the phone number from all, including the contact list. To find out whether this or that person in protest groups and chats in Telegram consists, it is enough to third parties to add only to the address directory thousands of numbers then to be connected to necessary groups and to synchronize the contacts with the client of Telegram. After synchronization the messedzher will show at once which of owners of the added numbers consists in "unpopular" groups.
Possible de-anonymization of users of Telegram is of great importance for Hong Kong now. Through the whole country since the beginning of June, 2019 numerous protest actions against the bill of consideration of requests for extradition of suspects of the criminal offenses from the territory of Hong Kong given by the authorities of Macau, Taiwan and China take place. The document was taken cognizance, as induced residents of Hong Kong to express the discontent. Protesters organized a procession, constructed barricades and blocked off the traffic on large highways and roads. In the first day of a protest the bill was opposed by more than 240 thousand people that became the largest demonstration in Hong Kong for the last 20 years.
Built in circumventors of blocking of new type Telegram
In the Telegram messenger the possibility of masking of traffic under the HTTPS protocol appeared. Information on it appeared on the GitHub resource. For masking under HTTPS developers added a prefix of a secret of "ee" to the code of the client. Besides, in addition to encoding technique base16 an opportunity to cipher a secret in the proxy server address using base64 it was implemented.
In the protocol between the client Telegram and the proxy server added an additional layer of encapsulation over the TCP protocol. Thanks to it data are wrapped in the record TLS. Data transmission happens in HTTPS over this cryptographic protocol. Also emulation of TLS handshake at the beginning of work was added. Telegram already started proxy servers on Python and Erlang where masking is implemented.
In the beta of Telegram for iOS geochats appeared
On June 19, 2019 it became known that in the beta-version of Telegram for iOS geochats appeared. In them the people who are next to each other and integrated by common interests will be able to correspond.
Any user can create a geochat, it is necessary to specify its subject and radius of a geolocation — from 100 meters to 6 kilometers. History of a chat is available to all users, even the messages created before the specific user joined a conversation. The number of participants of a geochat is not limited.
Any user can find a specific geochat if it is near the place to which that is tied. In such chats there were "chekina" — tags which will demonstrate that the user appeared in the place tied to a geochat.
Durov suspects China of participation in failures in work of Telegram
On June 13, 2019 it became known that the founder of the Telegram messenger Pavel Durov suspects possible connection of China with failures in work of service. About it he noted on the Twitter. According to him, this country can be involved in carrying out the DDoS attacks on Telegram which became the reason of its time nonserviceability in June, 2019.
| ||"All DDoS attacks of so serious scales (power of the attacks from 200 to 400 Gbps) which we recorded indicate participation of the state and coincide with protests in Hong Kong (their coordination is conducted in Telegram)",|
'Pavel Durov, the founder of the Telegram messenger noted'
Earlier on official Twitter of service the message about possible interruptions in work in connection with the large hacker attack appeared. Representatives of Telegram assured that data of all users are in security.
Problems in work of Telegram began on June 11, 2019 and mentioned the whole world. According to the Downdetector resource, the instability in work of the messenger was observed in the USA, South America, a number of the countries of Europe, in the Middle East and also partially in the Pacific Rim. Most of users (95%) could not be connected to service, and sending messages did not work for 4%.
Pavel Durov connected DDoS attack on the messenger with the protests which began in Hong Kong on June 9, 2019. Citizens of the country took to the streets, expressing a protest against the bill of consideration of requests for extradition of suspects of the criminal offenses from the territory of Hong Kong given by the authorities of Macau, Taiwan and China.
The document was taken cognizance, as induced residents of Hong Kong to express the discontent. Protesters organized a procession, constructed barricades and blocked off the traffic on large highways and roads.
By estimation of police, in the first day of a protest the bill was opposed by more than 240 thousand people. It became the largest demonstration in Hong Kong for the last 20 years. The protest action bore fruit: On June 12, 2019 it became known of transfer of consideration of the bill for an indefinite term.
Others correspondence in Telegram can be purchased at the SIM card price
The female resident of Belarus detected in the Telegram messenger the dangerous vulnerability allowing to get access to all correspondence of the user without request of intelligence agencies and transfer of encryption keys. The revealed scheme works regardless of the country, and to fall a victim.
The defect of a security system of Telegram allows to purchase all history of correspondence of the user in a literal case at the SIM card price. According to the Onliner portal, the female resident of Belarus whose Telegram account was initially tied to the Belarusian phone number, moved to other country and purchased the new SIM card. The Telegram application was reinstalled, and the owner of an account re-registered it on new number. After obtaining all test messages in its smartphone there was a correspondence of the person absolutely unfamiliar to it, and her name and the photo in a profile were replaced with others.
How it is possible?
Gaining access to correspondence of other user became possible thanks to the fact that the phone number purchased by the Belarusian belonged earlier to this person who registered on it own Telegram account in due time and used service. Afterwards the telecom operator probably returned number to sale on an absence reason of activity of the previous owner (such practice exists also in Russia).
The incident can mean that any of users of Telegram which is positioned as one of the most protected messengers cannot be sure that its correspondence will not get into strange hands up to the end.
In the list of the 20 most protected messengers according to Artezio
Artezio analysis department (enters into LANIT group) published on November 26, 2018 the list of 20 messengers capable to provide the high level of privacy. The rating was according to the results of complex testing of programs, at the same time the quality of data encryption and reliability of information security tools were key criteria when forming final expert evaluation, representatives of Artezio reported TAdviser. Telegram was at the third place of the list. Read more here.
De-anonymization of users of Telegram
As researchers set, by default Telegram directs voice calls through P2P-connections. At the same time the IP address can be displaid in the console. However, not all versions of Telegram support the console, for example, it is not visible under Windows, but is quite available under Linux.
Experts found out that if to redirect calls via servers of Telegram, the IP address will not be visible. But it will demand manual change of settings: Settings-> PrivateandSecurity-> VoiceCalls-> Peer-To-Peerна of Never or Nobody value, and at the same time will decrease quality of sounding a little.
The expert in security known under the nickname Dhiraj, already earned from Telegram developers a reward in the amount of 2 thousand euros for detection of this problem.
Vulnerability received CVE-2018-17780 index. It is at the moment corrected in versions of Telegram for Desktop 1.3.17 beta and 1.4.0; now there was an opportunity to disconnect P2P-calls.
Telegram developers initially claimed that the problem with P2P-communications is neutralized by that circumstance that the option My Contacts limiting a possibility of viewing the IP address of the user with the list of its contacts is by default exposed.
However later it became clear that API Telegram contained an error which leads to the fact that within several hours after the next login P2P-connections remained open for all. According to the company, for October 1, 2018 this problem is corrected.
Roskomnadzor is ready to unblock Telegram with the consent of FSB
"According to the decision of Tagansky district court of Moscow of April 13, 2018, access restriction in the territory of Russia to Internet resources which functioning is provided to Telegram Messenger Limited Partnership is performed before execution by the specified organizer of dissemination of information on the Internet of an obligation for providing in federal executive authority in the field of security of information necessary for decoding of the accepted, transferred, delivered and (or) processed electronic messages", - explained in the press service of RKN.
Thus the decision on a compliance with regulatory requirements will be made by FSB. In the presence of the positive solution Roskomnadzor is ready to begin an unblocking, noted in department.
Telegram promised to issue numbers and the IP addresses of terrorists
As it appears from point 8.3 of the updated policy, Telegram can issue the IP address and the phone number of the person, but only in the presence of the relevant decision of the court proving participation of the user in terrorist activity.
Telegram can secretly read messages of users
Telegram, the popular messenger developed by Pavel Durov, the founder of social network "VKontakte" can monitor correspondence of users of "cloud" chats. Authors of Telegram-канала Mediatube came to such conclusion, having analyzed the mechanism of authorization of users.
At installation of the application on the new device, to the user the Sms comes with the five unit code of authorization. Besides, the same code is duplicated in a chat of office notifications. It can be seen on each device of the owner of an account Telegram. This code needs to be entered on the new device to begin to use the application.
Users noticed that if to copy the code of authorization or to enter it manually and to send to any chat, the code will lose the relevance and will not work in attempt to become authorized with its help on the new device. Cancellation of the code of authorization will happen even in case of sending the mixed message – it is possible to add to the code as is wished any signs, and it will not affect capability of Telegram in any way to isolate it from a character sequence. However when sending the code to a confidential chat this procedure of cancellation will not work.
Results of the made experiment can be the proof that correspondence of users is analyzed by a certain algorithm on server side, at least, at authorization implementation. This theory is spoken well by the fact that the code of authorization is not cancelled when sending to a confidential chat as messages in such chats are exposed to end-to-end enciphering, are not stored on the Telegram servers and are available only to the sender and the receiver.
It is possible to call this feature interesting approach to protection of an account against theft of codes of authorization and prevention of unauthorized access to it. Nevertheless, similar approach leaves a field for speculation and suspicions: whether reads Telegram and other messages of users?
RKN asked to change the Telegram code for receiving encryption keys
Prior to blocking of Telegram FSB and Roskomnadzor within a year tried to convince of Russia company management of Telegram to change architecture of the messenger and to provide keys for decoding of correspondence of users. As consider in departments, the company has for this purpose a technical capability. The representative of Roskomnadzor reported about it in June, 2018 during consideration of the complaint of representatives of Telegram to the decision of Tagansky district court on blocking of service in Russia.
| ||"FSB and Roskomnadzor within a year made attempts to induce Telegram to change architecture of the messenger. We consider that the structure of any messenger can be changed for reduction according to the Russian law. Therefore we consider that Telegram has technical capability to provide keys for decoding", - the statement of the representative of supervising service gives TASS.|| |
8 million IP addresses which were used by Telegram are unblocked
Putin spoke against blocking of Telegram
On annual "Hotline with Vladimir Putin" the President of Russia, answering questions of the audience, commented on the situation which developed as a result of attempts of Roskomnadzor to block the Telegram messenger.
| ||"I perfectly know about a situation around Telegram. But I on the place worry for safety of people. I worked in intelligence agencies and I know: the easiest to prohibit, more difficultly to find civilized methods of the solution. I will convince colleagues to go on this way" — the president told.|| |
The same, according to him, treats a possibility of prohibition in Russia of YouTube and Instagram. Putin reported that Russia is not going to close popular social networks and Internet resources. According to him, law enforcement authorities should look for such methods of fight against terrorism which will not be to the detriment of freedom on the Internet. He intends to induce security officers not to limit this freedom. The president suggests to practice use of different tools, but not their blocking.
Telegram opened source codes of a proxy for a bypass of blocking
The Telegram company placed on the GitHub portal the source code of the proxy server working under the MTProto protocol. The instruction for its setup is published on Docker Hub. The protocol works only in the messenger and is not compatible to other.
Creation of own proxy server will require the computer with the set Docker and connection to network of the provider who is not blocking access to Internet resources. Port 443 should be free.
It is noted that one process of the proxy server supports tens of thousands of connections. For the purpose of performance improvement developers set restriction on processing of connections – up to 60 thousand on one core of the processor.
At the moment only users of Android devices can be connected to a MTProto-proxy. New MTProto-proxies do not work at clients of Telegram and Telegram of X on the IOS platform as Apple from the middle of April blocks updatings of the application of Telegram in App Store.
Apple prohibits to update Telegram for iPhone and iPad
The Apple company does not allow the Telegram messenger to update one and a half months its application in AppStore. Creators of the messenger reported about it on the project website in the section "Frequently asked questions" (FAQ).
Answering a question of compliance of Telegram to "The general regulations on data protection" (GDPR) of the European Union, authors of the project reported that "users of Android received updating of GDPR in version 4.8.9, Apple globally blocks updates of Telegram for its IOS-APPLICATION from the middle of April".
Roskomnadzor demanded from Apple to delete Telegram from AppStore
Roskomnadzor sent to the company to Apple the letter with the requirement to stop distribution through App Store of the Telegram messenger and also mailing of its service push-notifications for the Russian users.
| ||"In order to avoid possible actions of Roskomnadzor for violation of functioning of the services Apple, Inc stated above. we ask you to inform in the shortest possible time us on the further actions of the Company directed to the solution of these problematic issues", said in the letter (the spelling and a punctuation are saved).|| |
The head of department Alexander Zharov added that Roskomnadzor will wait for the answer from Apple "within a month" as it is about "the company with high degree of bureaucracy", Interfax tells.
Roskomnadzor armed against Telegram with new technologies
The head of Roskomnadzor Alexander Zharov promised and to implement new technical solutions for blocking of Telegram in the territory of Russia from now on. As Zharov told journalists of Interfax on the sidelines of PIEF 2018, at the disposal of department there are already certain technical solutions ready to implementation.
About what solutions there is a speech, the head of Roskomnadzor did not specify, will not block however a subnet of any companies the regulator any more. Now Roskomnadzor "works pointwise" without harm for "respectable resources".
According to Zharov, a number of the companies already took the corresponding steps with the purpose to deprive of Telegram of an opportunity to bypass blocking. For example, Microsoft does not give to the messenger any more an opportunity to use a configuration file of the Microsoft Download service. Stopped providing Telegram the IP addresses to Google. Besides, concerning Telegram dialog with Amazon continues. Negotiations with the company go not so quickly as it would be desirable, and so far to speak about results early, but "we are people patient", Zharov noted.
Built in tools of a bypass of blocking of new type Telegram
On the page of localization of the Telegram application for Android OS in May, 2018 there were new lines of a text to be translated from English on other official languages of the application which demonstrate that in the nearest future in the popular messenger support of the proxy server (the service in the computer networks acting in a mediator role between the user and some resource in network) of new type under the name MTProto Proxy will be implemented.
This solution is developed especially for ensuring functioning of Telegram in the conditions of blocking of the messenger by providers of communication services.
Advantage of a new solution over HTTP-and SOCKS5 proxy which support is implemented in stable releases of the messenger consists in higher performance and security.
Besides, servers on MTProto to providers will be much more difficult to be blocked.
Will lock Telegram in the Iranian state agencies
On April 18, 2018 it was announced Telegram prohibition in the Iranian state bodies after the Supreme leader of the country ayatollah Ali Khamenei ceased to use this messenger for reasons of national security.
| ||According to protection of national interests and for elimination of monopoly of Telegram the ayatollah Khamenei will stop the activity in this network, said in his last message in Telegram.|| |
According to the news agency ISNA, the Iranian government employee prohibited to use Telegram. What measures will be taken in respect of violated this requirement, is not specified.
Ali Khamenei is an active user of social networks, even despite blocking of Twitter and Facebook in Iran. Its office constantly publishes photos and information from speeches of the leader. Users of Telegram after blocking are offered to read Hameneni's messages in the Soroush and Gap messengers of the Iranian development.
Telegram was already blocked in Iran — at the end of 2017 after a series of antigovernmental demonstrations. However two weeks later service resumed work.
To the middle of April, 2018 about 45 million inhabitants whereas all population of Iran makes 80 million people use the Telegram messenger. Telegram is popular in the countries of the Middle East and the former USSR, the Reuters agency notes.
The Iranian media in Telegram channels for several weeks to the full Khamenei's offices suggested to use Telegram also to the subscribers different options where relevant news messages will be published. The Iranian news agencies and television, however, still continue to use the Telegram messenger.
In April, 2018 the representative of the Supreme Court of Iran said that Telegram and other foreign messengers will be able to work in the country only if get permissions from the government and will store data of citizens within the country.
Removal from App Store and Google Play
Roskomnadzor sent to shops App Store and Google Play the requirement to delete Telegram, reports on April 17 RBC with reference to representatives of the regulator. Shops should delete the application in "the shortest terms". Earlier Roskomnadzor also demanded to delete Telegram from the largest mirror of the APK Mirror applications. Telegram disappeared from the website apkpure.com where installation files of programs give all the best, and from forum 4pda the branch of discussion of Telegram was gone.
Durov will select "millions from personal funds for preserving of Telegram"
The creator of Telegram Pavel Durov declared determination to select millions of dollars from personal funds for grants for administrators of the proxy/VPN services helping to bypass blocking of the messenger. About it he wrote on the page VKontakte.
"Within Digital Resistance – the decentralized movement in protection of digital freedoms and progress – I began to pay bitcoin grants to administrators of proxy and vpn. Within this year I will be glad to offer millions of dollars of personal funds for these purposes" — Durov reported.
During hunting for Telegram of RKN blocked 19 million IP addresses, in tch Google, Amazon, Microsoft
The main article [[Censorship (control) on the Internet. Experience of Russia]
According to the head of Diphost, at the moment in connection with blocking of Telegram about 18 million IP addresses are entered in the register. In particular, under blocking the address pools belonging to cloud services of Amazon, Google, Microsoft, etc. got.
Roskomnadzor blocked subnets of OVH, Hetzner, Online.net, Microsoft and dr:
- 220.127.116.11/15 - Amazon.com, Inc.
- 18.104.22.168/13 - Amazon Technologies Inc.
- 22.214.171.124/19 - Google LLC
- 126.96.36.199/17 - DigitalOcean, LLC
- 188.8.131.52/17 - Digital Ocean, Inc.
- 184.108.40.206/16 - DigitalOcean, LLC
- 220.127.116.11/16 - DigitalOcean Cloud
- 18.104.22.168/16 - DigitalOcean, LLC
- 22.214.171.124/16 - Amazon Technologies Inc.
- 126.96.36.199/15 - Amazon.com, Inc.
- 188.8.131.52/16 - Amazon Technologies Inc.
- 184.108.40.206/15 - Amazon Data Services Japan
- 220.127.116.11/15 - Amazon Data Services UK
- 18.104.22.168/17 - Iliad Entreprises Customers
- 22.214.171.124/15 - Microsoft Limited UK
- 126.96.36.199/17 - Digital Ocean, Inc.
- 188.8.131.52/23 - Clouding.io Virtual Machine Hosting
- 184.108.40.206/16 - Hetzner Online GmbH
- 220.127.116.11/16 - Online.net Dedicated Servers NL
- 18.104.22.168/16 - OVH SAS
- 22.214.171.124/14 - Amazon Technologies Inc.
On April 21-22 Roskomnadzor blocked several IP addresses of Google, follows from the unofficial copy of unloading of the register which Roskomnadzor transfers to telecom operators for blocking of the websites. Access is limited to IP addresses 126.96.36.199 and 188.8.131.52. According to ipinfo.io service, they belong to Google. According to the CEO of Diphost provider Philippa Culina, all about 60 IP addresses of the website google.com are blocked. Failure in work of the Google search engine is observed on April 22 in several cities of Russia as data of the Downdetector service monitoring work of popular Internet resources testify. Problems in work of the searcher began approximately per hour nights across Moscow. The website of the searcher did not open at 69% of users, another 30% reported that they cannot log in the accounts.
By noon on April 17 in unloading of the black list of Roskomnadzor controlling blocking by telecom operators of resources with illegal content, the quantity of the blocked IP addresses exceeded 4,500,000. From them one million is represented by the blocked subnets of the Amazon company (184.108.40.206/15, 220.127.116.11/15, 18.104.22.168/15 and 22.214.171.124/14 were entered in the register in one step, later in the register was are in addition entered subnets 126.96.36.199/15 and 188.8.131.52/12) providing a cloud service of AWS, and more than one and a half million — Google company and Alphabet holding (a subnet 184.108.40.206/12 and 220.127.116.11/13, a bit later - 18.104.22.168/12).
For one day on April 16, 2018 Roskomnadzor blocked in Russia about 0.04% of all IP addresses of space of IPv4 (totally 2 ³ ² the addresses). For the second — as much again.
As a result of these actions less, than for two days since the beginning of blocking Telegram, partial and time unavailability were tested by such large companies as Microsoft (Xbox), including pages with officially extended software of the company (http://software-download.microsoft.com/), Evernote popular and the Viber messenger observing the legislation on transfer of encryption keys, school of English SkyEng, service of a courier delivery Birdie, a payment service of Cloudpayments both numerous proxy and VPN servers and services. Also it was announced failures in work of banks from top-20, private clinics, gateways 3-D Secure.
According to the head of supervisory authority Alexander Zharov 'there is a fight of armor and a shell', resulted in unavailability not only providers of communication and a hosting services, but also legitimate services and products of the numerous companies, both Russian, and foreign.
Qrator Labs notifies on need of condition monitoring of own services and possible hit of the used IP addresses in the blocked subnets — technical solution of this problem, except as changes of the used IP address, does not exist. In a situation of further blocking of subnets of large providers the problem can start 'domino effect' and affect the services which are indirectly connected with the blocked subnets. In case of hit in blocking of subnets of such services as GitHub, GitLab, DigitalOcean and many others will be broken infrastructure of open-source of modules, the applications and expansions used by developers during creation of own systems and applications.
Telegram bypassed blocking in Russia by a new method which cannot be prohibited
Initially Telegram bypassed blocking of Telegram in Russia using the IP addresses of Amazon company, however Roskomnadzor blocked more than half a million from them in advance to prevent work of service for the sake of performance of the Russian legislation. Nevertheless, the administration of the messenger found a way out of current situation. Now to make blocking of the separate addresses IP it is simply useless because service will still continue to work.
In the Telegram application for all platforms it is embedded service dense forests of DC_Update which serves for updating of the address of data center, from which communication is performed. In normal time it is used for stability augmentation and acceleration of sending / obtaining messages, however it can be used also for a bypass of blocking that the administration of the messenger decided to make. Earlier nobody ever used such method.
The system of dense forests DC_Update works so that the request comes not from the Telegram server which in Russia is blocked, and with the server of Apple, Google and Microsoft. Every time when dense forests is updated, and it occurs constantly, the application can is reserved to receive the addresses of new servers of the messenger from all. To block this alternate path Roskomnadzor should block tens of millions of IP addresses that will lead to complete isolation of all Russian Internet from world.
Even if suddenly by some miracle Roskomnadzor will be able to learn the addresses IP which Google, Apple and Microsoft using DC_Update address, then it all the same will not begin to block them because all third-party applications, including WhatsApp, Viber and other in that case will correctly cease to work. The web version of a messedzher of Telegram does not use given dense forests because of restrictions therefore it forever and will remain blocked.
The court decided to block immediately Telegram in Russia
Tagansky district court of the city of Moscow decided to limit access to Telegram service in the territory of Russia. It was said by the judge Yulia Smolina, the correspondent of RBC from a meeting tells.
The court also satisfied the petition of Roskomnadzor for immediate effect of the decision on blocking of the messenger. Now Roskomnadzor should direct court's decision to telecom operators with indication of about need of taking measures to access restriction to service. Domain names of telegram.org, web.telegram.org, t.me and the IP address of the Telegram servers can be entered in the register of the blocked pages. After that providers will have to limit access to messenger resources within a day from the moment of updating of the register (it is updated daily at 9 a.m. and 9 p.m. Moscow time).
The businessman and the programmer Pavel Durov published for users of "Telegram" the detailed instruction how to continue to stay in touch in the popular application. According to him, the messenger he will use the built-in methods of a bypass of blocking which are not demanding actions from users, however does not guarantee availability of service without use of VPN.
Tagansky Court of Moscow made the decision on blocking of Telegram in the territory of the Russian Federation. What should be meant to users:
- Telegram will use the built-in methods of a bypass of blocking which do not demand actions from users, however 100% availability of service without VPN is not guaranteed.
- During the first hours blocking third-party VPN/Proxy-services can be overloaded and will slowly work with high probability.
- Irrespective of existence of blocking, Telegram will save an opportunity on a centralized basis to send notices to all Russian users, informing on development of the situation.
Important: do not delete and do not reinstall Telegram at emergence of problems with communication. Try to download timely updates of Telegram in AppStore or Google Play.
Anyone can edit others entries in Telegram
During the research conducted by the author it became clear that links of a type t.me, usual for users of Telegram, can conduct on phishing sites, actually not such and private, and articles in Telegraph, the publishing service which is closely integrated with Telegram anyone can edit private chats.
Editing someone else's messages
Vulnerability affects the publishing service Telegraph developed by Pavel Durov and a command of the Telegram messenger in 2016. Having analyzed, the HTTP request sent for the Telegraph servers the author came to a conclusion that for editing any article the malefactor needs to know only its unique identifier which can be found directly in the HTML-code of the page with this article.
As a rule, protection against the similar attacks comes down to reconciliation of a token (an accidental set of bytes) generated by the server with the sent user when following the link or clicking the button. In case of mismatch of server and client tokens, the server refuses to the user accomplishment of the requested transaction. According to the author of a research, in a case with Telegraph this approach, as well as different ways of protection, is not applied.
Private chats it is in danger
It was succeeded detect one of vulnerabilities in the course of testing of the third-party resource interacting with the domain t.me which belongs to Telegram and is used for creation of short public links to accounts of users, channels and groups in the messenger. The website offered paid councils for investments into cryptocurrencies, and Telegram bot acted as one of channels of obtaining similar information. Bot could be connected, having followed the link of a type t.me/Another_bot?start=CODE where CODE is the confidential character sequence connected with the user account on the website. Having decided to check "sensitive" data in URL (the uniform pointer of a resource on the Internet) on the indexation fact search systems, the researcher detected the first of three vulnerabilities in Telegram.
Having created so-called "дорк" (Google Dork Query is the special request to the search system allowing to find the public information hidden from public eyes) the following type: site: t.me inurl: Another_bot? start=, the author of a research detected publicly available personal code of the casual paid subscriber of that resource about cryptocurrencies. From this the conclusion was drawn that on t.me there is no prohibition on indexation of confidential data. The reason of this misunderstanding the author is called lack of the robots.txt file in the root directory of the resource connected with the domain t.me. This file is used by webmasters for a task of parameters of indexing of the website. For example, by means of this file it is possible to prohibit search robots to index certain sections of a web resource, thus having completely excluded their emergence in search issue.
Because of threat of blocking of Telegram became the most fast-growing messenger
From May to December, 2017 the interest of users in the Telegram messenger showed the highest growth in comparison with other similar services, popular in Russia, according to SimilarWeb research company,  prepared at the request of RBC.
If in May Telegram from Google Play (in nine months 2017 Android share in a segment of smartphones in Russia made 88%) was downloaded by 833.2 thousand times, then in November more than 1.682 million installations are recorded already: from May 1 to December 1 growth of number of downloadings was 168%. For this period also the share of active users of the messenger (it is considered as a share of users of the application in day from the total number of all users of the devices working on the Android operating system in Russia) — from 3.17 to 5.51% almost doubled that allowed to overtake on this indicator, for example, Skype (3.9% in November).
For comparison, WhatsApp, the application, most popular in Russia, for communication, in May downloaded 2.7 million times, in November — 3.8 million (the active audience for the same time increased from 29.97 to 33.27%).
The increased popularity of Telegram for the last months in Russia is confirmed also by the ratings of App Annie on downloadings. From October to December, 2017 Telegram was included in top-3 applications for communication both into App Store, and into Google Play, and in June and November kept on the first lines on downloadings among all App Store applications.
Telegram developers started function of online payments Bot Payments in the messenger. Function is intended for creators of bots which will be able to accept payments from the clients from the different countries of the world now.
"If you set Telegram 4.0 or more new version, you can order goods or services through offering them bots. When you click Pay, it will be offered to you to enter data of the bank card, to fill out information on delivery and to confirm payment. And you receive ordered" — developers write. At the same time if the account of the user of Telegramzashchishchen two-stage authorization (confirmation on SMS and password entry).
These cards can be saved for future purchases. Thus, next time the procedure of the order through bots will be simpler. As Telegram is the open platform, developers specified that creators of bots can use necessary API and accept payments without preliminary reconciliation procedure.
The platform for money transfers will allow users to make purchases through bots in the messenger. Bots will have a special button for the order and payment of goods and services.
For payment the client of a bot will need to enter data of the bank card and to confirm payment. The card will be linked at the same time to bots at which the user already shopped.
In the text it is reported that the payment will go directly from the client to the developer of a bot, passing Telegram. The messenger will not charge any fee from transactions. Besides, service will not accept the complaint and the requirement to return money to users as will not store data of bank cards.
The majority of payments will be made through the Stripe payment system which is not developed in Russia yet. However in the description it is emphasized that the platform is open for payment systems and from other countries.
Beta with function of voice calls
On March 13, 2017 the Telegram Messenger company announced release of the beta of the Telegram messenger in which function of voice calls became available. The complete functionality of service is still unavailable and terms of its start are unknown.
With reference to the Telegram News group in social network, mass media reported existence of the mode of enciphering of voice calls in the end-to-end mode and availability only of personal calls. Functions of shutdown of the microphone and inclusion of a public address system are available, an opportunity to apply personal permissions to calls (for example, only to the users specified in contacts).
Function of shutdown of calls "Disconnected Calls" is available. Will be presumably ringing also on the official application of the messenger for desktop OS - Telegram Desktop.
The functionality is finally not approved and some functions can be unavailable. The possibility of calls is called "the main updating of year", but the period of start of the full-function mode is not commented by none of authorities.
Official comments of developers of the Telegram messenger for March 13, 2017 are unknown.
2016: As Telegram works: overview of technologies
As a part of global service are used a proprietary server part with the closed code and several clients open source, including under the license GNU GPL.
Accounts of users become attached to phone numbers. At registration in service and the subsequent authorization of devices, an inspection of the phone number by means of Sms with the code or a telephone call is carried out.
For security the message of the messenger the MTProto protocol is created. He assumes use of several protocols of enciphering. At authorization and authentication algorithms RSA-2048, DH-2048 for enciphering are used, at transmission of messages of the protocol in network they are ciphered by AES with a key, to the famous client and the server. Are used also cryptographic a hash algorithms of SHA-1 and MD5.
Protection against interception of the sent messages from server side of Telegram is provided in the mode of "confidential" chats (Secret Chats) (it is available since October 8, 2013). In this mode enciphering at which only the sender and the receiver have the general key (end-to-end enciphering), using algorithm AES-256 in the IGE mode (engl. Infinite Garble Extension) for the sent messages is executed. Messages in confidential chats will not be decoded by the server, and the history of correspondence remains only on two devices, initiators of creation of a chat.
At file sharing it is possible to send files from the device, to look for media content on the Internet if mobile version for iOS or Android is used. The size of the transferred files is limited to 1.5 GB.
The program uses the system of continuation of file transfer in case of communication break.
Through special API third-party developers can create "bots", the special accounts managed by programs. Typical bots answer commands in personal and group chats, can execute search on the Internet, other tasks, are applied in the entertaining purposes or in business.
You watch also (messengers)
- Omni channel
- Messengers (Instant Messenger, IM)
- Virtual assistants (world market)
- Mobile applications
- Mobile applications (market of Russia)
- Mobile applications (world market)
- Mobile Device Management (MDM)
- Veon (messenger)
- Messenger of the MyOffice Logos
- RT-Inform: The messenger for government employees
- Rostec: Messenger
- Scale: IVA AVES-S Secure system for remote conferences
- dialog enterprise
- Crimeatechnologies: Dialog M
- Staply Corporate messenger
- Sibrus, the protected messenger
- Answer Messenger
- 4talk Enterprise (4talk Messenger)
- SyncCloud (system)
- OMMG TrueConf: Flodium
- Rostelecom: To Alla available roaming
- VideoMost IM
- Mango Talker
- Polyphone App
- CommFort the Client-server application for communication
- Slack Technologies
- Stride (corporate messenger)
- Mail.Ru Agent, TamTam
- Avaya Ava
- Skype for Business (before Microsoft Lync), Skype (VoIP-service)
- Threema the Protected messenger
- Cisco Jabber
- WhatsApp Messenger and WhatsApp Business
- Viber - Viber Out Service of instant exchange of the message
- Facebook Messenger
- Facebook Workplace (ранее Facebook at Work)
- Line Corporation
- Lotus SameTime Unified Communications
- Instagram - Instagram (app)
- Apple iMessage
- Android Messages
- Google Allo
- Microsoft Teams
- Yahoo! Messenger
- BlackBerry Messenger (BBM)
- Genesys Chat
- Resilient Anonymous Communication for Everyone (RACE)
The systems of instant messages with users of the website
- LiveTex - LiveTex Omnichannel
- RedHelper - RedHelper (livechat)
- OMNIchat server
- WaveAccess: Govori.org Online communicator
- ↑ Russia will check instruments to block Telegram in Tyumen - sources
- ↑ Scheduled Messages, Reminders, Custom Cloud Themes and More Privacy
- ↑ Telegram issues to security officers of participants of meetings and protests
- ↑ [http://www.cnews.ru/news/top/2019-08-13_telegram_nauchilsya_maskirovat_trafik_pod_populyarnyj In Telegram
- ↑ built in circumventors of blocking of new type]
- ↑ In the beta-version of Telegram appeared the geochats tied to the geographic location
- ↑ Chinese thought up an effective method of fight against Telegram
- ↑ each user of service Others correspondence in Telegram can be purchased at the SIM card price
- ↑ It is proved: Telegram was not anonymous
- ↑ of the Telegram messenger can secretly read messages of users
- ↑ Putin spoke against blocking of Telegram
- ↑ TelegramMessenger/MTProxy
- ↑ by telegrammessenger/proxy
- ↑ Telegram services opened source codes of a proxy for a bypass of blocking
- ↑ of Apple prohibits to update Telegram for iPhone and iPad
- ↑ 
- ↑ [http://www.cnews.ru/news/top/2018-05-16_v_telegram_poyavitsya_podderzhka_proksiserverov In Telegram
- ↑ built in tools of a bypass of blocking of new type]
- ↑ Iran bans state bodies from using Telegram app, Khamenei shuts account
- ↑ Pavel Durov to VK
- ↑ with Telegram bypassed blocking in Russia by a new method which cannot be prohibited
- ↑ Court decided to block immediately Telegram in Russia
- ↑ [http://www.cnews.ru/news/top/2018-03-30_v_telegram_obnaruzhili_kriticheskie_uyazvimosti Others entries in Telegram
- ↑ anyone can edit]
- ↑ [https://www.rbc.ru/technology_and_media/19/12/2017/5a37ca449a794754b1c07cd9 Telegram
- ↑ Because of threat of blocking became the most fast-growing messenger]
- ↑ "Be going to delete WhatsApp and Viber": in Telegram voice calls appeared