Hacker News new | ask | show | jobs
by sdevlin 4572 days ago
This is really chickenshit, which is completely in line with everything else these guys have said or done.

Just so we're clear, this rules out:

  * Chosen plaintext attacks
  * Chosen ciphertext attacks
  * Adaptive chosen ciphertext attacks
  * EDIT: Also any kind of side channel
If you're keeping score at home, that's just about everything.

The only thing that would fail to meet this definition of security is repeating key XOR. And RC4.
1 comments
warfangle 4572 days ago
If you were able to exploit vulnerabilities in the server, the software distribution, and the client... but that's not testing Telegram itself, it's testing everything in between -- including what's between the chair and keyboard.

Which is where the weaknesses (as witnessed by bitcoin shenanigans) lie, anyhow.

link