On 08/02/2016 03:16 PM, Cecilia Tanaka wrote:

Rayzer dear...  Meh!  :((((

http://venturebeat.com/2016/08/02/hackers-break-into-telegram-revealing-15-million-users-phone-numbers

https://telegram.org/blog/15million-reuters

PS:  -  Sorry, still late!  :P

(And if you are boring and invasive, I certainly will be late forever!  Give up, baby!)



which can be intercepted by the phone company and shared with the hackers,

With this:

The researchers said they also found evidence that the hackers took advantage of a programing interface built into Telegram to identify at least 15 million Iranian phone numbers with Telegram accounts registered to them, as well as the associated user IDs.
As a redundancy and elaboration of the former quote including Multisyllabic phrases such as "systematic de-anonymization" to muddle the issue, and make it appear to be another issue when it isn't.

Apparently all they got are the phone numbers from the sms verification, and hackers didn't do it. The phoneco GAVE THEM the info. It requires complicity on the part of the utility. Which is something one can assume any commercial service would do if a government requests and under THEIR LAW (Iran in this case) claims criminal activity. The extraction of data they can do with that phone number It requires that you never set up an account with password.

A burner smartphone, which by the way US Congress is trying to outlaw, circumvents. Set up a passworded account using a throwaway email. Done. Telegram has always cajoled people to set up an account with password for extra security

Listen, as I've been repeating over an over sometimes directly, sometimes indirectly ... bad PERSEC/CYBERSEC screws you so much more often than the communications method or it's potentially compromised code. Probably 99% of the time but I've never crunched the numbers. NO ONE can hold your hand to make sure you do it right. If your life or freedom depend on it YOU DO IT RIGHT.

Rr