The flaw he pointed out renders one of the main advertised features of Telegram - end-to-end encrypted chats that they can't eavesdrop on - broken to the point of total worthlessness. Telegram had the ability to undetectably MITM and spy on the supposedly secure communications, as did anyone who managed to compromise them.
They'd have achieved exactly the same level of security by having no end-to-end encryption whatsoever and just promising that they wouldn't log or look at people's messages - this flaw is seriously that bad.
They'd have achieved exactly the same level of security by having no end-to-end encryption whatsoever and just promising that they wouldn't log or look at people's messages - this flaw is seriously that bad.