rysiek

Matrix może być niezłą alternatywą jeśli chodzi o ~publiczne kanały, ale nie używałbym go do prywatnej komunikacji. Tu jednak dalej Signal.

https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/ https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library/

Do you think that Telegram can continue to be used for this purpose while taking additional security precautions?

No. Their very existence on Telegram is drawing more people to Telegram, and helping keep on Telegram people who might already be thinking of leaving it. Publishing on Telegram helps the FSB spy on more people. In this case, people who are anti-Putin.

In other words, by continuing to use Telegram and thus by drawing more people onto that platform and keeping them there through network effects these organizations are drawing people opposed to Putin's regime directly into FSB's dragnet.

I cannot see this as anything but massively irresponsible.

Or do you think the risk is too great, and no amount of precautions can justify using the service?

In my opinion the only somewhat justifiable way to use their Telegram presence today would be to try and get people who are on Telegram out of Telegram. But that's a very tall order, and would have to be done thoughtfully, carefully, and with a plan.

Z tej strony autor, AMA.

Powodzenia! Jakbym był w okolicy, to bym się pojawił i pomógł.

As long as they’re not using Russian-purchased sims to manage and post to the channels, how does this change their security model going forward?

If IStories' reporting on GNM's connection to FSB and GNM's access to Telegram's traffic is correct – and I have no reason to believe otherwise, this has gone through two rounds of fact-checking and these are people who had been sued for "defamation" in the most journalist-hostile, oligarch-friendly jurisdiction in the world (UK) and have repeatedly won – then this means the threat model now includes the FSB potentially being able to:

• figure out where a user is in the world just by observing their Telegram network traffic, live or close to live;
• with some additional analysis, based on timing and packet sizes correlation, probably figure out who that user is communicating via Telegram.

Both of these globally, regardless of what SIM card was used to register any of accounts involved, and without having to ask Telegram for any data.

I don't know if FSB is actually using this capability, and to what extent, and against whom. But based on IStories' reporting and on my own packet captures analysis it is entirely possible for them to do so if they choose to.

I guess the xAI thing might just be a money grab for Telegram and Durov.

The Russian MPs thing might be a red herring, there's been plenty of stuff recently aimed at distracting from this Telegram story – including a brand new interview by Tucker Carlson with Durov.

Telegram and Durov knew for weeks this is coming, as the investigative journalists had tor each out for comment. So they had time to prepare their little games.

Thank you, it is refreshing to see someone honestly and earnestly engaging in a conversation about this. The "Tor is a honeypot" thing is very often an all but religiously held belief.

It would be great to have real analysis knowing which data centers or actors have the biggest control of exit nodes. If there’s really a way to de-anonimyze any traffic from there.

To truly and reliably de-anonymize Tor traffic, one would need to run over 51% of all Tor nodes. Since the US is not the only entity potentially interested in that (Russia and China might be as well), unless these entities coordinate and share data, they will thwart one another from reaching that kind of saturation.

Since we are on the topic, another concern regarding Tor network is the possibility of correlation attacks.

It might be possible to somewhat fuzzily reason about Tor users by observing traffic on both sides of the tunnel, using timing and packet sizes for analysis. But a). it is going to be very fuzzy; b). it requires global network observation capability. NSA might or might not have that to some extent, but they would not risk exposing that for anything but the most valuable targets.

I'd rather just stay away from it entirely and use a VPN for my privacy when searching media and stuff.

VPNs are a specific tool for a specific thing, they don't "preserve privacy" in the general sense. You are basically trading ISP's or local spooks' ability to observe your traffic for VPN's operator's and the local spooks' there ability to do so. In some cases it makes sense, in some – not so much.

Depends on your threat model.™

It's trivial for a nation state, they have lists of these groups. These groups are promoted in other groups and other channels and other forums and eventually reach somebody who will make a note of them.

Soatak

Soatok. At least get the name right.

The simplest thing for [Soatok] to have done would be to ignore the message

Which also happens to be the simplest thing you could have done, even simpler as none of the toots you quote were addressed to you. Instead, you are dragging this one random exchange into this thread about something else entirely.

There were reports (claims I suppose) that the fsb were using telegram to organise the stochastic gig job sabotage across Europe

No no, reports: https://www.msn.com/en-in/news/world/russia-uses-telegram-to-recruit-spies-and-saboteurs-in-europe/ar-AA1xshqO

Does what has been found here shed any more light on that?

Not really/not directly, I would say. What you are describing is FSB using Telegram for recruitment. That does not require network-level observability and surveillance. That's a different "feature", so to speak.

I hate it when I don’t know an acronym, but this one is particularly hurtful to my brain since everyone is saying “yeah, that link to the FSB was obvious glad someone demonstrated it.” So… I will just assume FSB=KGB and be done.

Russian FSB is the successor of the Soviet KGB, so yeah, that works.

Take for example Tor network (high number of exit nodes are controlled)

I substantiated my claims about Telegram by a pretty deep technical analysis. Mind at least providing a link for your pretty strong claim about Tor?

Except those apps or protocols that are truly decentralized (e.g. OMEMO in XMPP), these are good.

Nope. Decentralization is important from power dynamics standpoint, but can actually be detrimental to information security due to (among others) metadata and complexity.

(I defend infrastructure and perform hacks against cryptograph & protocols for a living)

If you need to say it…