> precisely because they show how willing they are to improve their service.
Multiple people that know what they are doing have remarked that the system Telegram has created is a bad idea and it would be much better to use any established protocol. They have also pointed out multiple places where Telegram is committing obvious cryptographic blunders in their protocol.
Telegram decided to pay out $100k under contest rules that are weaker than known plaintext attacks. If they wanted to actually improve their security they would switch to a more secure protocol that doesn't require a server to actively participate in the conversation. I guess if they want to hemorrhage money via the hubris that is their crypto contest they should just keep on as they are.
> They have also pointed out multiple places where Telegram is committing obvious cryptographic blunders in their protocol.
They have pointed out multiple places where Telegram MAY BE committing blunders, namely their internal server - server communication MIGHT be susceptible to MITM attacks. It's not the same thing.
It is, though. If the protocol relies on servers to be good actors, then servers are a weak point. People aren't willing to let that by because, besides just good security standards, servers are being targetted by government spying.
Multiple people that know what they are doing have remarked that the system Telegram has created is a bad idea and it would be much better to use any established protocol. They have also pointed out multiple places where Telegram is committing obvious cryptographic blunders in their protocol.
Telegram decided to pay out $100k under contest rules that are weaker than known plaintext attacks. If they wanted to actually improve their security they would switch to a more secure protocol that doesn't require a server to actively participate in the conversation. I guess if they want to hemorrhage money via the hubris that is their crypto contest they should just keep on as they are.