[jiiam]

Just to be clear, are you saying that his claim

> Telegram uses the MTProto 2.0 Cloud algorithm for non-secret chats[1][2].

> In fact, it uses a split-key encryption system and the servers are all stored in multiple jurisdictions. So even Telegram employees can't decrypt the chats, because you'd need to compromise all the servers at the same time.

is false? If so can you cite a source? (The claim is just a summary of the FAQ https://www.telegram.org/faq#q-do-you-process-data-requests)

[mr_mitm]

Yes. An employee can impersonate a user by registering a device in their name and intercepting the confirmation code and then read all non secret chats and private groups of that user.

At least one employee must have the ability to intercept the code.

(Unless the user has 2fa enabled, but that is not the default configuration.)

There are probably easier ways if we knew more about how the administrate their infrastructure.

[jiiam]

Maybe? When you login from a new device you're asked to provide an OTP so maybe there is at least that layer of protection and, hopefully, requires some circumvention at the application code level.

However I think the real question is: even if that's possible, can law enforcement compel Durov or an employee to do so?

[JumpCrisscross]

> can law enforcement compel Durov or an employee to do so?

The E2E encrypted comms are a red herring. There is plenty on Telegram that is public, plaintext and presumably illegal.

If Telegram refused to respond (note: not bend over and comply, just respond) to French legal requests in respect of plaintext criminal behaviour the way any other company would and should, that’s somewhat damning. If Durov went above and beyond and interacted with that content, his goose—as the author put it—is cooked.

[codedokode]

If you don't use 2FA then the government can simply intercept SMS code for any phone number. Russian government did it against opposition activists, and it prompted Telegram to add a password as second factor. So any service which allows login or restoring access using SMS (incluging Gmail in default configuration) is vulnerable to such kind of attacks. It seems that people in the West are unaware of this type of attack.

[jiiam]

EDIT: I just want to clarify that I don't believe the claim that an employee can intercept the validation code

[saurik]

There existed one server which sent the code, so whomever administrated that server could trivially have intercepted it by just modifying the software running there to copy/log it to them.

[jiiam]

This could be extremely unfeasible. For example the code could be generated by a third party and encrypted before arriving on a server controlled by telegram and sent to the user. Or it could be generated inside a nitro enclave. Sure ultimately someone could modify the server code somewhere to log the code or any other specific message before it gets encrypted, but at this point we are talking about inserting a backdoor.