"There is a significant risk of insider threat or hacking of Telegram systems that could expose all of these chats to the Russian government," said Eva Galperin with the Electronic Frontier Foundation, which has called for Telegram to improve its privacy practices. The message was not authentic, with the real Zelenskiy soon denying the claim on his official Telegram channel, but the incident highlighted a major problem: disinformation quickly spreads unchecked on the encrypted app. Telegram boasts 500 million users, who share information individually and in groups in relative security. But Telegram's use as a one-way broadcast channel — which followers can join but not reply to — means content from inauthentic accounts can easily reach large, captive and eager audiences. Telegram does offer end-to-end encrypted communications through Secret Chats, but this is not the default setting. Standard conversations use the MTProto method, enabling server-client encryption but with them stored on the server for ease-of-access. This makes using Telegram across multiple devices simple, but also means that the regular Telegram chats you’re having with folks are not as secure as you may believe.
from sg