141 comments

[ 3.4 ms ] story [ 185 ms ] thread
Telegram would be blocked in Russia by court decision made today at 8:33 UTC, so this article is a bit outdated.
If a state actor asked me to give them my keys, I'd be really afraid if I didn't comply.

There's always the possibility your own country could request the same thing and act as a proxy.

The BBC stated 25 minutes ago (from this posting) that the block has started to take effect.

>The Russian government has started to block messaging app Telegram, according to reports from the local news agency Tass.

>Russia's media regulator had sought to block the app because the firm has refused to hand over encryption keys used to scramble messages.

>Telegram had missed a deadline of 4 April to hand over the keys.

http://www.bbc.com/news/technology-43752337

Centralized, proprietary solution so easy to block. What did you expect?
Centralized =/= easy to block, let alone proprietary. They've said they were preparing for that, so let's see.
Now only if we can get them to block Twitter..
Never thought I would see such xenophobic comments on HN. This is really sad.
Maybe it’s from a Russian who doesn’t like Twitter?
Or maybe from someone who doesn’t like Russian twitter bot armies that try to destabilize the rest of the world? I’m pretty confident the Russian twitter users who provide meaningful content will manage to evade a block.
You think government-run bot armies would comply with government issued ban? Oh boy.
I don’t like how the US destabilises the rest of the world by killing innocent people yet I don’t ask for Americans to be banned from the Internet.
Can you share a source for "Russian Twitter bot armies" that can "destabilize the rest of the world"?

Also, if that was the case, I'm pretty sure a state actor (you know, the one with the supposed "bot army") wouldn' get blocked since it's state itself you wish would block Twitter.

That would be even better because then Twitter can easily distinguish Russian state interference (everything from Russia that isn’t blocked) and handle it as they wish.
This is a PR stunt for Telegram.

It’s not the first time Russia pretends to fuck over the Durovs.

Can you unfold please? That still sounds as a conspiracy theory.
Telegram was developed in the VK offices in St. Petersburg and is deliberately implemented in a manner which allows the operators to intercept the vast majority of the chats on the platform.

Durovs have spent years pretending to live in exile from Russia, despite regularly spending time in the country.

What exactly sounds like a conspiracy theory?

https://twitter.com/ChristopherJM/status/910186197598838784 https://twitter.com/Bershidsky/status/910169626989953024

The theory that Telegram isn't controlled by Kremlin sounds far less credible to me.

> deliberately implemented in a manner which allows the operators to intercept the vast majority of the chats on the platform.

Could you elaborate on this please? Are you just referring to the fact that the default settings don't enforce encryption or is there more to it?

I believe this person is referring to the fact that Telegram uses their own encryption scheme instead of one of the more common standards.

In this scenario, while the encryption has never been broken, it is theoretically possible that the creators designed the encryption in such a way that knowing certain values would allow you to decrypt the communication.

This essentially allows the people that know the "secret" to be able to crack the communication, while the users remain under the impression that everything is private.

He's further suggesting that this "move to block telegram" is a stunt to try and promote the idea that their encryption is not currently breakable (in a bid to foster more adoption of the platform).

While there's no proof of any of this, personally I feel it's still within the range of plausibility, and raises further questions about why they would target only telegram and not other encrypted messengers ..

We don't know all of the details but it feels that there is more to this move than what is being presented.

In Telegrams case there's no need to break any encryption, most chats simply aren't encrypted (group chats cannot be).

Telegram is marketed as a secure encrypted messenger, but unlike other modern encrypted messaging apps it requires the users to manually begin a "secret chat". Very few Telegram users are actually aware of this fact.

Telegram also makes no attempt to conceal the metadata of the rare encrypted conversations, compared to Signal which goes to significant lengths to ensure that they can't even easily access their users contact lists.

> In Telegrams case there's no need to break any encryption, most chats simply aren't encrypted (group chats cannot be).

Chats, including group chats, are encrypted, just not end-to-end.

This works the same way as gmail and internet banking, and it means you have to trust Google, your bank or Telegram.

Pretending it is wide open to anyone ("aren't encrypted") is misleading.

That's not what anybody means when speaking about encrypted messaging. Referring to client-server encryption as encrypted messaging is misleading.

AIM, Facebook chat and Windows Live Messenger are all encrypted messengers by that definition.

> That's not what anybody means when speaking about encrypted messaging.

Few people seems to know much.

> Referring to client-server encryption as encrypted messaging is misleading.

> AIM, Facebook chat and Windows Live Messenger are all encrypted messengers by that definition.

I can partly agree with you on that.

But the way you phrase it, people who don't know better might easily be misled to think it is readable by anyone in between.

There are a few options between cleartext over telnet and the latest in crypto.

Not saying you're wrong, but the whole topic of discussion here is that Russia is moving to block Telegram specifically for it's encryption.

So either they're actually doing this because they're scared of the people enabling encryption on this specific platform, or it's a publicity stunt because they already can access the data.

>Are you just referring to the fact that the default settings don't enforce encryption

Mostly this. It's not an accident but a deliberate choice.

Their questionable crypto scheme also does not support group chats.

> Russia’s media watchdog to block the messaging app Telegram for its refusal to share users’ information with the government

Wondering if whatsapp is unblocked because it already is sharing users' information?

Whatsapp is unblocked because blocking it would not significantly benefit Russian intelligence operations overseas.
You should seek work in Whatsapp's PR department. You sound just like them.
Cause for them to use it overseas it needs to be unblocked internally (to Russia)? Russia can always "whitelist" some applications for government officials too. Or y'know not rely on third-parties and roll their own solution, not like Signal's protocol isn't open sourced.
I don't understand the point you're trying to make.

Blocking Telegram helps Russian intelligence operations by making it appear like as if the Russian government did not have access to the vast majority of conversations over Telegram.

You were on about WhatsApp.... I mentioned Signal, Telegram does not use Signal's protocol.
Yes, every messenger operating in Russia has to share users' information.
There is a formal process for that. First, a messenger must register with Roskomnadzor (a government organization). So if a messenger is not on the list, it doesn't have to share anything yet.
What i think about it: why not build in ToR client right into the app itself, make it update itself, then always use ToR with obfs4, and openly declare that there will be no compliance, and you can't do anything?

Only concern could be the file size, but Orbot is only 12MB for example.

It will also greatly increase popularity of the messenger.

Yes, I would like to know how that works since whatsapp is constantly being advertised as super secure because of using the signal protocol. Do Russians get a different version of the app?
Assuming they set up signal protocol correctly, which I'm sure they did since Open Whisper Systems partnered with WA to set it up right, they're likely just sharing details on users' contact lists.

Considering Facebook owns WhatsApp this isn't surprising, they're definitely happy to share this information (ever seen someone in your FB "suggested friends" list after messaging them on WA?)

If they had pushed a different version of the app to Russia or there was a way of breaking message encryption I'm sure someone would have noticed by now.

I think you can pretty easily guess from the #deletefacebook statement of the whatsapp founder that they did not implement the protocol "correctly".

Corporate statements about the security and privacy of their products usually leave open the possibility that they engage in lawful intercept. Even if they don't they can always just lie and use the fact that they have national security letters barring disclosure as legal cover if it ever comes out.

They could probably still use this "design feature" (that Signal doesn't have) to hack users who don't authenticate the people they're talking with (also authentication isn't enabled by default on WhatsApp, but it is on Signal):

https://www.theguardian.com/technology/2017/jan/13/whatsapp-...

If you're a user of WhatsApp, make sure you enable the two-factor authentication PIN, too, because otherwise it should be relatively trivial for your own government to gain access to your account by using your number with the local carrier's help (it's also possible to do it without the carrier's help, given how broken the security of carrier networks is). Many Telegram users were hacked this way by the government in Russia, too.

Contact lists and related metadata. Some of it is crucial, like geolocation.
Whatsapp makes a local backup in internal storage everyday. There is no setting to disable this backup. There are many opportunities to access the chat history, specially for Facebook, that wouldn't require cheating with the signal protocol.
Opposition activists use mostly Telegram. WhatsApp is not so convenient and not so popular among them.
The official version is that Telegram was used by terrorists who blew up the metro in Saint Petersburg.

The real reason is more simple: it's mostly used by the small middle class, people working in tech and business. The current laws in Russia were used to block LinkedIn, but they didn't touch Facebook or Twitter — that would be too much.

Wouldn't this move just make then move to WhatsApp and eventually beg the same question as the parent comment?
It could be, but much more people use WhatsApp in Russia, people like my parents who haven't noticed any laws against the free internet before. They don't touch Signal or anything else as well.
WhatsApp has lots of clients for the shitty phones poor people use and a ton of Russians use WhatsApp. It's also possible that some implementations of these WhatsApp apps or the phones that host them are hacked, while others are not so it could be less of a binary distinction than one might assume.
>it's mostly used by the small middle class, people working in tech and business.

And terrorists. That use-case doesn't disappear.

It does when they switch apps and the other users can't legally do so.
Terrorists breath air, therefore we should ban air for everyone?
Generally, I try to avoid criticising others but this logic is really disturbing and dangerous and I am very worried about people who stand behind it. It hasn't gotten us anywhere. It never will.
Nonsense.

Terrorists do use the air to convey voice; air is their primary communication medium for propagating their terrible ideas, and arranging their despicable plans. If we denied them access to air, to stop their voice communication, it would severely limit their ability to harm us. Isn't saving even just one child's life worth it? And don't worry about the terrorists without air not being able to talk about the legal, daily matters. Relevant institutions are already equipped to handle deaf and mute people. They could also just use internet or other service.

Just deny them air so they can't talk, okay? It's the common sense solution. /s

Slippery slope is a thing, especially when actors with under-handed intentions ask for simplistic, ham-fisted solutions. Once a precedent is established for censorship or snooping, it's pretty hard to draw, and defend, a line in the sand.

Does this mean that we should sit back and enjoy the show because "actors with under-handed intentions" and "precedent"s? Wake up. We can only get through collectively.
> Does this mean that we should sit back and enjoy the show because "actors with under-handed intentions" and "precedent"s?

No.

> We can only get through collectively.

Yep, but we shouldn't do it by throwing away the freedom we try to defend

Trying to understand your argument:

Are you saying that you think banning perfectly normal everyday things "because terrorism" is ok,

... or did you miss the invisible sarcasm tag?

None of the above. What the parent comment is sarcastic about is a line of argument people use, especially politicians who want to promote their agendas.
Yes, and then we could license it back to people for $30 per month. It's a capitalist nightmare/dream (delete as appropriate based on whether you're a technosocialist or technolibertarian).
I think it's a nightmare either way
Yeah. Plus I shouldn't give any VCs any more ideas.
There is no corporate entity supplying terrorists with air. This is why this consumer-based end-to-end encrypted chat messenger space isn't going to go anywhere. Telegram is delusional if they think nations will let them operate this kind of a business. Every terrorist attack where Telegram is used will paint a bigger and bigger bullseye on their backs. The media will get in on it. The public will get in on it. Lawmakers will get in on it. Hacker News will get in on it.

The witch hunt against Facebook shows how this will look though the particulars will be different. At the end of the day, Telegram has devs that need to eat and servers to pay for and at the very least all revenue sources will be denied to them.

> Every terrorist attack where Telegram is used will paint a bigger and bigger bullseye on their backs. The media will get in on it. The public will get in on it. Lawmakers will get in on it. Hacker News will get in on it.

Here I was, thinking that we here at HN aimed higher.

> The witch hunt against Facebook shows how this will look though the particulars will be different.

Witch hunt usually implies baseless, made up accusations.

When it comes to Facebook I'd phrase it differently; maybe something about consequences or justice?

>Here I was, thinking that we here at HN aimed higher.

Why would you think that? Nothing special about HN - it's a collection of humans from a very specific culture.

>Witch hunt usually implies baseless, made up accusations.

Not only. It also implies widely inflated and hyperbolic accusations.

This in amny ways is analogous to the gun debate in the United States. Everytime there is a major shooting, there are calls for certain types of guns to be banned. Every time there is a terrorist attack coordinated by an encrypted chat app, there will be calls to wither ban it or have a backdoor.
Your comment entirely and completely ignores the express intent and purpose of the objects you compare, which makes the comparison invalid.
The parent post is a nice example of the type of underhanded rhetoric that will eventually be used to sway the public in favor of banning encryption.

Pretend your target is inherently evil, and can only be used for inherently evil things. (Terrorism! Child abuse! Piracy!) Then you're perfectly set up to vilify anyone who dares to question your position.

Fecebook was told to localize data in Russia and complied, same as twitter. thus allowed to operate. Small or large company makes no difference.
(comment deleted)
Telegram is widely popular among that part of the country who like doing illegal things; it was even endorsed by local darknet, they set up bots to help circumvent blocking and stuff like that. Really juicy target for banhammer compared to whatsapp that has a smaller and more legitimate user base (in russia).
Why hasn't Telegram implemented domain fronting? Did they really have so much hubris that they thought this would never happen?
Apple and Google will likely comply and delete the app in their Russian stores in any case.
(comment deleted)
They would just blacklist IPs or whole subnets. How would domain fronting help exactly if even US cloud providers surrender under Russian government threats?

Other service called Zello avoided blocks by changing IP addresses on AWS until Russian government gave command to block 13,5M of Amazon IPs [1]. On next day Amazon simply forbid them to change IPs.

[1] https://torrentfreak.com/russia-asked-isps-to-block-13-5-mil...

The idea behind domain fronting is to make blacklisting unfeasible. It's kind of like Zello changing IP addresses, except you also happen to share those IP addresses with a lot of popular internet services.

So, in order to block domain fronting the government would have to pressure a whole bunch of large foreign corporations with CDNs to patch their tech to forbid domain fronting.

No, they wouldn't need to pressure anyone. They'll just ban whole subnets of CDNs that are not used by any services popular in Russia.

And cloud providers and CDNs that have large customers from Russia will just give up like Amazon just did. After all it's just a business for them and they not going to lose clients just to fight against censorship.

Telegram hasn't even implemented proper end-to-end encryption; they still actively advertise client-to-server encryption as a privacy feature. Domain fronting is 10 years more advanced than their technology. Did you know they can't E2E encrypt group conversations? A lot of people seem not to know that.
As you can see having end-to-end or client-to-server encryption is irrelevant to Russia. They suggested to implement a backdoor either way. Which they absolutely can suggest to Whatsapp and Signal, since they are both centralized too.

As I said before, end-to-end encryption in a centralized app is a joke and is absolutely irrelevant for its threat model. But, whatever, security is a very dirty industry.

This is word salad. The point of end-to-end encryption is to provide confidentiality to endpoints even when there's an untrusted relay; that's what the "end" in E2E is.
And your point is?

Let's go though this again. You still have to trust someone to implement E2E encryption, guarantee said confidentiality and guarantee to keep it with each update pf the app they provide, etc. It's absolutely the same as trusting them to just not spy on you on their servers with client-to-server encryption. And if they are forced to implement a backdoor, it doesn't matter whether they do it on their servers or push an update to a supposedly secure app.

> trusting them to just not spy on you on their servers with client-to-server encryption.

Everyone would eventually spy on you on their server. Either by voluntary choice or being forced by some government entity. In this day and age it doesn't even make sense to discuss any hypothetical situations where they are not collecting (all of) your data.

> And if they are forced to implement a backdoor, it doesn't matter whether they do it on their servers or push an update to a supposedly secure app.

One of this things is not like the other. Remember, Signal-style e2e encryption isn't concerned with individual safety that much, it's main aim is the governmental mass surveillance. Server side data collection is, obviously, completely transparent for the end user. Client side backdoor would be quite inconvenient on that scale: the more it's used, the higher would be the chance of discovery. Thus, presumably, it would be used less frivolously.

You are making assumptions that are rather obviously false.

Every centralized app preserves an ability to eventually spy on you. End-to-end encryption doesn't take it away.

If a government wants mass surveillance it either asks/coerces someone from the company to implement a backdoor or blocks the app in the country pushing people into mass surveillance friendly alternatives. So end-to-end encryption cannot possibly protect from mass surveillance.

Client side backdoors obviously don't need to be pure client side either, only revert back from end-to-end encryption to client-to-server encryption preserving plausible deniability for the company. Possibly even leaving end-to-end encryption in the app, just not enabled by default. Such change can even be advertised as an improvement, like cross device chat history feature or something.

> Every centralized app preserves an ability to eventually spy on you. End-to-end encryption doesn't take it away.

Never said anything like that.

> If a government wants mass surveillance it either asks/coerces someone from the company to implement a backdoor or blocks the app in the country pushing people into mass surveillance friendly alternatives.

Yes.

> So end-to-end encryption cannot possibly protect from mass surveillance.

Are you arguing for mass surveillance friendly software? Decentralized software? What are you arguing? I'm completely lost there.

I'm arguing that end-to-end encryption in a centralized app doesn't actually do better with regards to any threat from its threat model as compared to client-to-server encryption. It's sort of a fallacy, centralization cancels out any benefits that end-to-end encryption is supposed to bring over client-to-server encryption. So "but they have" or "don't have end-to-end encryption" cannot be an argument.
Wouldn't domain fronting be too expensive to host for some 5 to 10 millions of users?
I'm getting tired of all the Russia bashing. Sure Russia does a lot of bad things but it smells a lot like someone wants everyone to look elsewhere.

Russia blocks Telegram while the US splits cables and installs snooping devices between data-centers, use secret courts, monitors everyone, etc. Why do we pretend Russia is such a problem when a lot worse stuff happens closer at home every single day?

(comment deleted)
Not a single piece of interesting facts in the post. And Telegram still works as of right now.

As the proverb goes: “Undue strictness of Russian laws was always compensated by it being optional to follow them.”

The court order was issued a few hours ago, they will block it shortly.
I would question that. Rutracker is supposed to be blocked by order of Roskomnadzor, but many isps here still are able to reach it. This happened almost a year ago so it's not a matter of propagation, it's just poor or lack of enforcement.

Telegram is also exceptionally popular here, so I have trouble believing it will stick or do anything in the first place.

Well, it's blocked by all the ISPs I have in any place. Generally Telegram will be blocked, and which is more imprortant, they will likely remove it from the app stores in Russia.
Still unblocked for me, but got the VPN at the ready... Removal from the app stores would be much more effective, at least on iOS.
I doubt because every ISP must install a special hardware (Revizor) manufactured by Roskomnadzor, which constantly checks blocked resources inside ISP network. If you don't block all the resources you will get fined. And there is a huge fine if you will try to trick this system.
Blocking rules are not perfect. For example, DNS resolution is done by Roskomnadzor and the lists are not updated instantly (usually they are updated daily or several times a day). If you change your IP address faster than lists are updated, blocking effectively doesn't work.
Yeah, sure. _will_ is the keyword.

It could take years to trully cover all ISPs. Like it was with rutracker.

And then LinkedIn is blocked for a long time now but I get new job opportunities through it quite often. Sometimes w/o turning VPN on.

Iron curtain wasn't that optional. We have a potential.
Generally speaking, I consider the combination of overly strict rules and relaxed rule application one of the most dangerous manifestations of authority abuse, because it leaves to the single person in charge of applying the rules the decision to do it or not. So the criteria to prosecute people are not decided any more by the public political discussion, but by the individual decisions of some random guys in the police forces. This mechanism often masks responsibility and allows for ad personam treatments, which I consider strongly unfair.

Rules should be valid for all and applied uniformly.

I agree. I think this is called selective enforcement[1] or prosecutorial discretion.

I believe it turns the biases of individual enforcement officers into society-wide inequalities. E.g. white kid with marijuana gets a stern warning while black kid gets his freedom taken away. Instead, the enforcement officers should be obligated to charge both with crimes due to the rule of law.

[1] https://en.wikipedia.org/wiki/Selective_enforcement

I'm from Russia. Let me be honest. I personally and many my friends do support blocking Telegram.

We are full of this freedom-related bullshit. There is no freedom in the Internet. Currently we share our private information with CIA. We don't like it, but that's OK. Everybody still uses Facebook, Gmail, etc, etc. But when Russian Federal Security Service whats to access user's private data, everybody starts screaming. Shut up already.

Really? They can put you in for a wrong repost, doesn't sound so swell.
Nope. In Russia you can post whatever you want as long as you don't cross the law.
That is true for china, iran and saudi arabia as well...
That's true. Thankfully the Russian laws allow to classify almost anything as extremism or insult against any social group, so that's not a problem.
Well, one things is that FSS(FSB) doesn't have jurisdiction over a foreign company. In fact, such data can only be retrieved via a court order.

I don't know who you are friends with, but you people are strange.

While all normal people are buying proxies and setting up VPN right now.

>In fact, such data can only be retrieved via a court order. Thanks to Snowden, we know how that works in case of USA companies and CIA. But that's unacceptable for FSS. Because FSS is not CIA. Really? I don't think so.

You, 'normal people' can buy VPN. But I hope that this will not last too long. We have the China example, we know how strong government should treat VPN freaks.

Strong government isn't afraid of anything, because people in a strong government change. Only the rulers who are greedy for their personal power turn themselves into living monuments and order to clean the Internet from the memes about them.
>Strong government isn't afraid of anything

Does USA have strong government? Why does it force RT, for example? Because strong goverment wants to control its mass media and information in general.

>Only the rulers who are greedy for their personal power turn themselves into living monuments and order to clean the Internet from the memes about them.

There are lots of memes about Putin, for example. Nobody cares. Got visit http://lurkmore.to. Enjoy your silly 'freedom'.

Can we clear these troll accounts? This is beyond childish.
"I don't like what this guy writes. Please ban him."

Is that the freedom of speech you, American democrats, are talking about?

I also don't remember NSA or CIA raidering people's companies and putting them in jail for shares in the social media networks. So I'd prefer to give my information to them and not to the degenerate heirs of the KGB.
>I also don't remember NSA or CIA raidering people's companies and putting them in jail for shares in the social media networks. Because all the companies are already forced to give all the information NSA/CIA needs. Go read Snowden papers.
Here is your's 15 rubles!
Just use XMPP already, we really don't need all this IM fragmentation again, and as a bonus you won't be blocked.
Wait a second. XMPP is the very definition of IM fragmentation with thousands (millions?) of servers segregated by region, organization, etc. How is that helpful for coordinated communication?
Fragmentation != decentralisation. All those XMPP servers are talking to each others, so doesn't matter where you have your account you'll be able to reach the rest of the network. Emails are working the same way
(comment deleted)
My server hosts only three people including myself, each one on its own domain, yet I can talk with everyone else on any other server transparently, without any issues. And even if I decide not to host this server anymore, I can easily switch to another, import my roster and still talk to the same set of people. So, answering your question: very helpful.
Why not something more modern, like Matrix?
Matrix feels more like a replacement for IRC rather than instant messenger and its ways of communication with legacy networks seem rather awkward (although reluctance of dev community around Matrix to implement transport-like services that store your credentials make a lot of sense; however I simply host my own transport just like I would have to when using Matrix, so I don't care).

Also, modern XMPP is just as modern. With MAM, stream management, message carbons and some other smaller XEPs it just feels like a modern, mobile-friendly IM network.

I guess it depends on how you define 'modern' there are plenty of people working on XMPP protocol extensions along with active client & server development.
And Jabber doesn't require your phone number and doesn't copy your contact list to the server.
Does XMPP support seamless E2E encryption?
Yes. Nowadays it's all about OMEMO, which is based on Signal Protocol; earlier you also had some other more or less seamless options: OTR and OpenPGP.
Doesn't supports video/voice calls. I know about jingle but haven't seen many clients supporting it.
Never used it but https://jitsi.org/ apparently does this nicely. I believe Movim does or very soon will support voice and video calls.

But yeah - i'll agree the current situation isn't ideal.

For Telegram haters, this means Telegram actually cares about your privacy comparing to WhatsApp, Messenger and any other IM working in Russia without problems. Anytime US government asks to share data, WhatsApp can provide it, as they probably did in Russia (guessing of course)
Ummm... there is no encryption key for WhatsApp and Messenger to hand over. That's what end-to-end encryption means.

Now WhatsApp could theoretically push a malicious update, but there is no way Signal could even theoretically hand over the encryption keys, because the entire freaking point of their product is for them not to have a copy of those keys.

Since Telegram isn't end-to-end encrypted (outside "secret chats"), they do have a private key that decrypts all the messages, since they only encrypt in transit. Therefore, there is a private key to hand over to the government.

> Since Telegram isn't end-to-end encrypted they do have a private key that decrypts all the messages, since they only encrypt in transit

E2E encryption refers to transit encryption. The encryption is between two end devices, rather than decrypted (and re-encrypted) between clients and servers.

It has no bearing on data stored at rest on the end device, and I have no idea what either WhatsApp, Signal or Telegram does to the data at rest.

I'm not a fan of Telegram the app due to the fact that it doesn't enable end-to-end encryption by default, but this is an interesting post by Durov, from today:

> The power that local governments have over IT corporations is based on money. At any given moment, a government can crash their stocks by threatening to block revenue streams from its markets and thus force these companies to do strange things (remember how last year Apple moved iCloud servers to China).

At Telegram, we have the luxury of not caring about revenue streams or ad sales. Privacy is not for sale, and human rights should not be compromised out of fear or greed.

http://t.me/durov/76

Remember Telegram recently raised a whopping $1.7 billion from a coin offering. It's also the reason I've been begging Signal to do something similar for over a year now. Cryptocurrencies can provide the liquidity open source projects need, and it can also help them stand against oppressive governments.

https://www.bloomberg.com/news/articles/2018-03-30/telegram-...

> It's also the reason I've been begging Signal to do something similar for over a year now.

Aren't they in the process of doing that with MobileCoin[0]?

I know the whitepaper is pretty sparse on information, but according to the last paragraph in the whitepaper[1], it's designed to integrate with IM platforms, and, according to the only tweet from their Twitter profile[2], there is no ICO at the time.

[0] https://www.mobilecoin.com/

[1] https://www.mobilecoin.com/whitepaper-en.pdf

[2] https://twitter.com/mobilecoinone/status/960359924562739200

(comment deleted)
I cannot imagine anyone here on HN arguing in good faith in favor of crackdown on encrypted messenger "because terrorists". This is retarded and illiterate, and the same goes for gun analogies. I get that many Americans are concerned with gun violence, but at least here you ought to be able to try to not think with your hindbrain, and instead consider whether your concern has any relevance.

Normally that should be enough. Let me elaborate, though. First, there's extremely little chance of uncovering any "terrorists" or any major criminals by investigating the extant chats: competent lawbreakers delete incriminating messages as soon as possible or communicate in secure chats to begin with, and would do so especially if Telegram showed signs of cooperating with FSB. There would, however, be a guaranteed influx of falsely accused. VK is a good example: there are cases when people are incriminated for inciting hatred because of something like a closed album with Nazi caricature memes, on the grounds that "everything on VK is public"; there were multiple trials for reposted messages. And so on. Most of this is simply due to some random asshat spook trying to furter his career by hauling in a lot of "extremists" and surpassing average "productivity". This is both inhumane and not economical.

More importantly, encryption is not analogous to guns because guns are hard to manufacture and even harder to conceal, but software is different. You can easily create your own encrypted messenger and nullify whatever efforts the government is putting in suppressing current platforms. Signal Protocol is open source, you know. Blocking Telegram would merely speed up the transfer of terrorists to their own networks, and/or increase the popularity of platforms which would not even shut down the channels with terroristic propaganda (something Durov actually does).

There is no replacement to actual investigation, to fieldwork, to international cooperation, to training of competent agents and infiltrators. This is hard and risky, it's so much more easy to vantonly gather data, threaten average citizens with your overreach and pretend to save the day. Well, let me remind you that Boston bombing did not rely on any sort of encryption. FBI received hints from FSB and interviewed Tamerlan way before the event; Dzhokhar’s Facebook was insanely suspicious. They failed to notice the threat. If the intelligence cannot successfully work with open information like this, what more could they gain from Telegram?

Oh, my. Just now I've seen second biggest federal news channel reporting on the issue and... and advertising TamTam messenger (created less than 6 months ago) or "even a better alternative" -- ICQ, both of which, surprisingly, are products of Mail.ru group.

That is __really weird__.