Are Your Telegram Messages Really Private? How to Increase Telegram App Security

March 5, 2018 547 0

Telegram is the go-to messenger app promoting itself as an encrypted and private chat with many bonus features. But with Telegram gaining headlines for all the wrong reasons lately, is the app truly as secure and private as they say? Recent revelations have exposed flaws in the app’s security: private messages can, in fact, be revealed. Here we tell-all on how to up your security game when using the app.

Founded in 2013 by Pavel Durov, an ambitious Russian entrepreneur, Telegram is a strictly not-for-profit messaging service app taking the world by storm. This messaging medium is unique in that through its constant development, it aims to make communication both totally private and free – it almost sounds too good to be true. With end-to-end encryption for all voice calls, anonymous chat services that hide your phone number and even pin numbers needed to gain access to your account, the service goes to great lengths to keep its’ users secure. Using its very own MTProto protocol to allow for the sharing of photos, videos, audio and other files both safely and securely, this app goes far beyond the service provided by its competitors (such as Whatsapp). Telegram’s security is comparable to that of email, making it an ideal place to share messages in confidence. Unfortunately, this has also gained the app much-unwanted attention as the communications app favored by terrorists – but more on that later…  

The cloud-based service has grown from 100,000 daily active users back in 2013, to a massive 180 million as reported in December 2017. That’s more than a 50% annual growth rate!

But what makes Telegram so popular?

  • There are no ads and Durov intends to keep it that way
  • As far as we know, Telegram isn’t selling data onto third parties
  • Privacy – you can handily lock the app with a pin and opt for anonymity
  • Security – high end-to-end encryption
  • It has its own easy-to-use API, allowing anyone to create bots/microprograms
  • Option for public groups or ‘channels’ (up to 100,000 people)
  • Available for macOS, Android, iOS, Linux, Windows Phone and Windows NT

Countries Block Telegram

The very first country to get the Telegram-ban ball rolling was Iran back in 2015. Bahrain, Indonesia, China, and Saudi Arabia soon followed in Iran’s footsteps, totally blocking the app from use.

Unsurprisingly, a political motive was behind the ban in all of these countries.

China, for example, banned the app after it was found that human rights lawyers were using it to criticize the communist government – we don’t blame them – but China wasn’t too pleased. It was a similar story in Iran, where Telegram was used to share destructive comments against the government, something highly illegal in the repressive regime.

Telegram, in fact, played a large role in Iran’s latest parliamentary election, where reformists used the service to spread their message via large Telegram channels (since they had very little access to radio, TV and major media). Ahead of the May 2017 elections, the administrators of 12 reformist channels were arrested by authorities due to the large part they played in swaying the election results. Telegram is believed to have aided dozens of reformist candidates in becoming elected into Iran’s parliament (Majles).  

So events like these have led to a Telegram ban, but don’t worry, for those wondering how to unblock Telegram in their country, we have all the information you need coming right up.

Is Telegram Used Only by Criminals and Terrorists?

Due to the high encryption levels provided by Telegram, governments are left in the dark, unable to keep track of its citizens, with Iran making for a clear example of the effects this can have. The platform is also ideal for criminals and terrorists, providing them with an easy means of communication making us wonder again: is Telegram safe?

There is evidence that:

  • The Paris attacks lead by ISIS in 2015 were coordinated via Telegram
  • Terrorists used Telegram to plan the St. Petersburg Metro bombing killing 15 people in April 2017
  • The app has been used to spread ISIS propaganda and recruit terrorists (including those of the Berlin Christmas Market attack (2016)
  • Telegram has been used by pedophiles to share child pornography and shady information

App Store Removes Telegram

All of this evidence has given Telegram a pretty bad reputation. Its high encryption levels make it a dangerous playground for evil minds – it’s no wonder governments are trying to keep tabs on it. Just a couple of weeks ago (early Feb 2018) the App Store briefly removed Telegram after inappropriate content was discovered, specifically child pornography. The App Store team only restored Telegram once CEO Durav had taken action to gain more controls and help keep this kind of illegal activity from repeating itself.   

But to say the app is for criminals and terrorists alone is going a little bit too far. Yes, it’s used by these perpetrators, but the Average Joe is just as likely to use the app as well. Those in repressive countries may well want to use the platform to get their voice heard and others may just simply like using the app not only due to its high privacy but also its versatility. Unlike, for example, Whatsapp, Telegram can be used to send large files which can also be edited once sent (including music, large voice messages, and docs) – the applications are limitless.

So is the platform only for criminals and terrorists? It may be the “app of choice” for ISIS, but it’s certainly not terrorist groups alone that benefit from Telegram.

Is the Telegram App Really Secure?

Though Telegram claims to be an extremely secure cloud-based app with high end-to-end encryption, it’s hard to find anything in this day and age that’s 100% secure… and there has been the occasional slip-up. Cryptography experts (including Matthew Green) have claimed that Telegrams MTProto encryption is vulnerable to bugs that could potentially undermine the security of the app. Especially due to the ‘amateurs’ that supposedly wrote the crypto for the app to begin with. Experts say that those who wish to download Telegram app services should think twice.

Security researcher Kirill Firsov claims to have found a data leak suggesting that text in the app is backed-up onto a log file (MacOS users only), completely going against what Telegram supposedly stands for – privacy. Messages could easily be stolen from the log up to one week after posting. After Firsov went public, the issue was quickly resolved by Telegram, but who’s to say other vulnerabilities aren’t lurking behind closed doors?

Telegram also made headlines in September 2017 for all the wrong reasons after being targeted by a crypto mining malware, according to the Russian security firm Kaspersky Lab. Russian users of desktop computers were targeted by the malicious software in order to trick them into enlisting their machines to mine cryptocurrencies. Though dangerous, Telegram hit back by stating that “This is not a real vulnerability on Telegram Desktop, no one can remotely take control of your computer or Telegram unless you open a (malicious) file.” In other words, it could have been sent via any messaging service and is simply down to clicking/downloading malicious links.

How to Guarantee Your Telegram App Messages Stay Private

Telegram was specifically created to be a secure messenger app but it has been criticized by cyber-experts and faced the odd hiccup along the way. Even the most secure apps can have vulnerabilities. For those who want to keep their messages totally safe, secure and out of the hands of prying eyes, it is best to use a virtual private network (VPN). A VPN will guarantee anonymity and keep your data from being leaked and away from third-party visitors. For those in countries where Telegram is not available and are wondering how to unblock Telegram, a VPN is the perfect solution as it will allow you to switch your geographical server location to one where the app is available.

A VPN works by manipulating your IP address to make it appear as though you are situated in another country and hides your activity in entirety on Telegram (or any service). With a VPN, you are indecipherable to potential eavesdroppers. Be sure to look at a range of the best VPN reviews out there, so you choose the right one for your needs.

Using a VPN for Telegram will keep people from potentially monetizing your data and snooping on it, try using one of the following VPN services:

  • ExpressVPN – provides top speeds and highly secure 256-bit AES encryption. ExpressVPN keeps no logs of its’ users and is one of the best VPN providers on the market.  
  • NordVPN – another reliable and secure provider with 256-bit AES encryption, NordVPN has good speeds and a massive number of servers to choose from (1,374!). A great bonus of NordVPN is that you can connect up to 6 devices simultaneously.
  • SaferVPN – this is a fast and basic VPN provider. SaferVPN does log session times but will not log IP addresses or any other information. Using 256-bit AES encryption it is a simple to use VPN with more than 700 server options.
  • PrivateVPN – one of the only true no-log VPNs, privacy doesn’t get much better with this highly secure VPN provider. There are only 80+ servers but each comes with guaranteed anonymity. The only downer is that due to the small number of servers, there may be the occasional bottleneck performance.

Article comments