|
|
|
|
|
|
by SAI_Peregrinus
1988 days ago
|
|
|
The situation is (slightly) ambiguous. It looks like a backdoor. Anyone competent writing that code would be doing so because they wanted the backdoor. But there's no reason to assume Telegram's authors are competent unnecessarily, and competence in UI design doesn't imply competence in security. And it's also a rather obvious-looking backdoor, anyone competent would presumably try to hide it better. Then again, the NSA backdoor in Dual-EC-DRBG was pointed out before anyone started using the spec and not that well hidden, and the NSA are generally considered competent. |
|
|
But that's what mostly what I was saying (granted, I got worked up at one point because the blind stereotyping puts a black mark on HN's reputation in my eyes) is that indeed the situation is ambiguous and both possibilities are [mostly] equally likely.