|
|
|
|
|
|
by sparkie
4568 days ago
|
|
|
It's not some third party adversary to be worried about, but an internal adversary who might harbor ill intent (or even if they mean well, might be forced to become evil under secret court orders.) Telegram are advertising a system which they claim is encrypted end-to-end, which means that even with physical access to the servers which are routing messages, one would not be able to perform MITM attacks. However, the contest is an obvious farce because they're asking only to demonstrate flaws which can be done externally without the same access to servers that Telegram have. It's obviously simpler for someone knowledgeable in cryptography to be critical in a few sentences than to demonstrate vulnerabilities with actual proof of concepts which require lots of work for no apparent gain other than to make a point. If Telegram were offering $100k for every flaw found in their system though, you can bet that there would be less mouthing on HN, because people would direct their effort at demonstrating the flaws. |
|
|