
> Telegram is not a secure messaging platform, despite marketing themselves as such.

Supporting sources?



Basically, the problem is that they invented a lot of their own crypto from scratch. When asked about this, they said "it's fine, we're smart" and then claimed to prove their security with a red herring contest.

Here are some publications about security problems with the platform:

- A class project at MIT found several problems (May 2017) [0]

- They were featured on Crypto Fails (Dec 2013) [1]

- Jakob Jakobsen @ Aarhus University published a vulnerability discovery (May 2015) [2] and then did his Masters thesis on additional problems (Sep 2015) [3]

- Tomas Susanka @ Czech Technical University in Prague published additional vulnerabilities (2016) [4]

Plenty more out there.

[0] https://courses.csail.mit.edu/6.857/2017/project/19.pdf

[1] http://www.cryptofails.com/post/70546720222/telegrams-crypta...

[2] https://eprint.iacr.org/2015/1177.pdf

[3] http://cs.au.dk/~jakjak/master-thesis.pdf

[4] https://www.susanka.eu/files/telegram-article.pdf


There's this, by a respected cryptographer who, however, also is the author of Signal: https://moxie.org/blog/telegram-crypto-challenge/


Any less biased source?


Moxie might have his own horse in the race, but his analysis of cryptosystems should not be questioned. His philosophy is around humans being able to access strong encryption. I believe he ultimately doesn't care what you use, as long as your communications are secure.


And to illustrate that, he worked with Facebook to add Signal's encryption to WhatsApp (and Google to Allo).


I haven't used Telegram in a while (so maybe things have changed since then), but I would guess that the grandparent is talking about how they rolled their own crypto, and how secure conversations aren't the default setting.



