|
|
|
|
|
|
by marcan_42
1658 days ago
|
|
|
Encrypted at rest means the data is encrypted as stored on disk, not that they do not have access to the keys. That would be end-to-end encryption. What Telegram claims to have done is set this up in a way that makes it very hard for a single party/state to get these keys. It's not possible to make this completely impossible (if you have a server processing user data, it will have the keys loaded at some point, and there is always some way to physically attack it), but it is possible to make it very hard (physical tamper detection on the servers, secure boot tied to machine identity credentials required to access key material, etc - it's hard, but not impossible, to make this too difficult for any nation state to bypass). We don't know how good their set-up is, but it's certainly possible to do a good job at doing what they claim to be doing. |
|
|
I just don't see why they would make life harder for themselves developing stuff, given how often Durov lies. He claimed that all Telegram developers are outside of Russia, but then it turned out that they were working next floor from his old VK company office, right in Saint Petersburg.