On 08/02/2016 03:16 PM, Cecilia Tanaka
wrote:
Rayzer dear... Meh! :((((
http://venturebeat.com/2016/08/02/hackers-break-into-telegram-revealing-15-million-users-phone-numbers
https://telegram.org/blog/15million-reuters
PS: - Sorry, still late! :P
(And if you are boring and invasive, I certainly will be late
forever! Give up, baby!)
which can be intercepted by the phone
company and shared with the hackers,
With this:
The researchers said they also found evidence that the
hackers took advantage of a programing interface built into
Telegram to identify at least 15 million Iranian phone numbers
with Telegram accounts registered to them, as well as the
associated user IDs.
As a redundancy and elaboration of the former quote including
Multisyllabic phrases such as "systematic de-anonymization" to
muddle the issue, and make it appear to be another issue when it
isn't.
Apparently all they got are the phone numbers from the sms
verification, and hackers didn't do it. The phoneco GAVE THEM the
info. It requires complicity on the part of the utility. Which is
something one can assume any commercial service would do if a
government requests and under THEIR LAW (Iran in this case) claims
criminal activity. The extraction of data they can do with that
phone number It requires that you never set up an account with
password.
A burner smartphone, which by the way US Congress is trying to
outlaw, circumvents. Set up a passworded account using a throwaway
email. Done. Telegram has always cajoled people to set up an account
with password for extra security
Listen, as I've been repeating over an over sometimes directly,
sometimes indirectly ... bad PERSEC/CYBERSEC screws you so much more
often than the communications method or it's potentially compromised
code. Probably 99% of the time but I've never crunched the numbers.
NO ONE can hold your hand to make sure you do it right. If your life
or freedom depend on it YOU DO IT RIGHT.
Rr