This analysis leaves out the fact that Pavel Durov is, with Telegram, in approximately the same position Ladar Levison was with Lavabit. Unlike Meredith Whitaker, Durov actually is in a position to furnish documents to the French government, where he has citizenship. He's in that position because he has repeatedly made deliberate product decisions, to the bafflement of cryptographers around the world, to keep himself in that position.
If you literally have plaintext documents responsive to criminal inquiries in a jurisdiction you are subject to, we don't reach the "internet censorship wars". You're in a place not dissimilar to a 1970s telephone company; the "random people can't simply declare themselves above the law wars". Don't be in that place. Encrypt end-to-end.
Indeed. Two of the more common questions I get with Tarsnap are
Q. How do I know that Tarsnap is secure?
A. Read the source code.
Q. Ok, but you're really smart, what's stopping you from putting in a backdoor and hiding it really well?
A. I don't want to get tortured, and ensuring that I can't decrypt your data protects *me*.
IMHO second answer does not hold water. If you will end up in situation where you are tortured they will torture you until you will you say how to add the backdoor.
His point is that he can't backdoor it: you can read the code before you install it. I'd go further, and say that this is true of anything end-to-end encrypted, open-source or not, because it's not 2002 anymore and reversing ordinary client software is table stakes. (I'd still rather run something open source, ceteris paribus).
Feeding the paranoia above is that cperciva would verifiably be the smartest person in the room. A canny torturer would respond to this bringing in djb as the primary instrument of torture. "First one to break or weaken scrypt or 8-round salsa20 gains their freedom". The loser is forced to give talks at AWS marketing conferences for the rest of their natural
Not being able to "backdoor it" (presuming this means "exploit a backdoor the torturer presumes you have already put into it") does not prevent you from getting tortured to backdoor it.
All it does is, should that occur, prevent you from giving the torturer what they want to end the torture.
OTOH, convincing the torturer by, among other means, public statements in advance that you have failed to consider this anhd believe that not having that ability prevents torture, and that for this reason you do not have it, might prevent torture. But that's a big gamble on potential future torturers believing your public statements of motivation.
Exploitable but obscured backdoors in software distributed in form that is compiled and installed by downstream users is not impossible, though sufficient auditing may make it improbable.
He probably should have said that if it's what he meant. In his answer he implies that he could in fact back door it but chooses not to because of the liability.
Reversing ordinary client software is table stakes, sure. I'm not so sure about reversing client software which has a deliberately hidden backdoor. (You can hide a backdoor in source code too, of course, but I think it's easier to hide one in a binary because you could e.g. ensure that a buffer overflow overwrites cryptographic keys, where a C compiler would have the freedom to change the memory layout.)
That is to say, it's entirely possible that you were already tortured and the backdoor is already there by using the same logic - no time machine needed
Like already said unfortunately the only safety would be reading the code
Coerce you into sending something like "All users must upgrade to client version xyz because of a backdoor discovered by the NSA in the encryption used in older clients. I'm not allowed to tell you what it is, however, rest assured, the latest versions do not have this vulnerability." (but do have a backdoor that I've been tortured into adding).
And then wait for a scheduled backup with the
backdoored client.
Though XZ says that's impossible, so I won't lose sleep over that scenario.
I am confident that if I sent a message like that, the top application security and cryptography experts in the world would collectively descend on the Tarsnap source code to figure out what changed.
Honestly, I really wish the Tarsnap server was open source. I imagine it has not been released as such because that would probably hurt the business a lot, especially given that the costs per GB are currently approximately 50 times more than I would pay for simple object storage on B2.
I built our company's first backup solution on Tarsnap, but when I projected out what deploying that to our entire fleet would cost, I rebuilt on Restic. We currently pay something like $250/mo for our backups, as opposed to the approximately $12,500/mo they would cost on Tarsnap.
Colin, if you've ever hoped to compete with your own software and providing support to people running your whole stack so they can avoid paying you anything, you should give some serious thought to open-sourcing the whole thing.
Yeah I get it, if one wants to make money off one's software, one shouldn't give it away for free, right? I'm just highlighting why I do not recommend Tarsnap professionally. It's great if you're going to be storing under 1 TB of total backups. Otherwise, you're paying 50x as much as you need to. Back when it was released, the alternatives were not as good. Today, restic seems to work just as well (and yes, I've done restores, both as a test and under real data loss circumstances) and supports object storage natively.
By the way, I absolutely love spiped. It beats the pants off stunnel in both stability and performance. Maybe Colin should close-source that and start charging $0.25/GB for traffic that flows through there too? :P
Consider that Colin's target customers might be paying for things other than raw storage, that most products are poorly marketed with cost-plus pricing, and that trying to make everybody happy is usually a bad plan. Make something that some people love, not something that everybody likes.
He's been doing this long enough, I'm not even prepared to dunk on him for picodollar pricing anymore.
It could be designed that doing so will generate some alarm to other people. For example, the backdoor do not exists and it has to be developed, so the attacker has to keep them hostage for some period of time and loved ones may report a missing person. The software then might have to be signed with a key that generate alert to the whole engineering team, which someone else in the company may investigate the unauthorized release as cyberattack. Perhaps the release signing key is physically stored in the office (eg. Yubikey) which also require the attacker to perform a heist in the office.
Surely some three letters organization probably could pull that off, but it add risk to their operation that the operation could be leaked.
Surely some three letters organization probably could pull that off, but it add risk to their operation that the operation could be leaked.
This is basically a point I've made in a few of my talks about security and cryptography: The point of cryptography isn't to guarantee that your data is safe; it's to raise the cost of an attack to the point where a potential attacker decides not to attack. In particular, there's usually a human involved somewhere (sending or receiving information, or both) and humans are squishy and fragile; but torturing people attracts far more adverse attention than torturing data.
No, he won't, because there is no back door. Or yes, because his torturer-contractor thinks there is. Either way, the last part of your sentence doesn't hold water.
Q. How do I know that Tarsnap is secure?
A. Read the source code.
This is a "good enough" but less than reassuring answer in the post-Solar Winds world. (It wasn't before, but less so since the advent of "package managers" and the like.) How would someone evaluate the quality and security of the build process and minimal dependencies (which might have their own problems [0])?
As a non-security person thinking of how might one could evaluate this: Could adversarial builds (say performed in and using tools commonly available in several locations with different types of government spying) generate the same binary? Could that act as a sort of proof of an untainted toolchain? Or a canary for where a build process is tainted?
>> A. I don't want to get tortured, and ensuring that I can't decrypt your data protects me.
There is a line in RickAndMorty about this, which I won't repeat here. To paraphrase: the one thing worse than bring tortured for information you have is being tortured for information you don't have.
Right, which is why I try to make it very clear to everyone that there's no point torturing me. The problem is if someone thinks you have information which you don't in fact have; if they know you don't have the information, why would they waste their time?
In a way ot reminds me of the Phantom Secure story. If you are suspected to purpusefully facilitate crime, you can be held responsible. This seems to be true as well in the US.
In the phantom secure story the intent was crystal clear. In the Telegram case it seems that the refusal to cooperate with investigations cast enough doubts to arrest the CEO and put him in similar shoes.
It's so much worse than that (at least under US law, but I assume French law, which has fewer speech and evidentiary protections, is worse still). By putting himself in the position where he was clearly and straightforwardly able to furnish assistance to criminal investigations, he likely acquired some form of accomplice liability (or whatever equivalent they have in France) as soon as he refused to comply with a lawful order: the refusal itself is a purposeful facilitation.
That's a distinction between end-to-end encrypted applications and cosmetically "secure" apps like Telegram.
That's what I meant, the lack of cooperation is what shows the lack of intent, in the end.
I do not understand why this is turned around a "freedom of speech" thing as there is nothing about censoring speech in the first place, this all about criminal activity happening on the platform and the responsibility of the business behind the platform.
While I agree that in many (all?) ways it is that simple, this is an area where there is a lot of scope for there to be unseen pressure from intelligence agencies. The French literally invented espionage (I choose my words carefully here) let alone whatever pressure comes at Telegram from elsewhere. It is hard to be confident in the whys of decision making around large communications tools and security.
Although, ironically, if the French are arresting him now that says good things about Telegram and their willingness to dob customers in.
If the data that the French government wanted was in plaintext they wouldn't need to use the $5 wrench. Also not sure why E2EE is the answer here, governments can pass laws as we have seen with the UK to water the encryption down.
It’s worse than that, the ‘find people nearby’ feature is a public drug and prostitution advertising billboard with zero moderation and has been for years. They’re in a closer position to silkroad than lavabit
While I heard about this feature I thought it was made to find friends or dates. What shows that the intended use is to faciliate drug trade?
Also, in my country they usually just write the ordinary website name on the wall and add "VPN Tor" whatever that could mean. Maybe they try to hint that Tor and VPN are apps for drug trade? Do Tor and VPN have moderation and do they cooperate with law enforcement?
That user seems to be misinformed, and appears to be discussing client-server encryption, not end-to-end encryption. That's unsurprising, because, among the many decisions Durov has made that have baffled cryptographers, attempting to confuse users about the implications of E2E vs. client-server encryption is one of the most notorious.
> Telegram uses the MTProto 2.0 Cloud algorithm for non-secret chats[1][2].
> In fact, it uses a split-key encryption system and the servers are all stored in multiple jurisdictions. So even Telegram employees can't decrypt the chats, because you'd need to compromise all the servers at the same time.
Yes. An employee can impersonate a user by registering a device in their name and intercepting the confirmation code and then read all non secret chats and private groups of that user.
At least one employee must have the ability to intercept the code.
(Unless the user has 2fa enabled, but that is not the default configuration.)
There are probably easier ways if we knew more about how the administrate their infrastructure.
Maybe? When you login from a new device you're asked to provide an OTP so maybe there is at least that layer of protection and, hopefully, requires some circumvention at the application code level.
However I think the real question is: even if that's possible, can law enforcement compel Durov or an employee to do so?
> can law enforcement compel Durov or an employee to do so?
The E2E encrypted comms are a red herring. There is plenty on Telegram that is public, plaintext and presumably illegal.
If Telegram refused to respond (note: not bend over and comply, just respond) to French legal requests in respect of plaintext criminal behaviour the way any other company would and should, that’s somewhat damning. If Durov went above and beyond and interacted with that content, his goose—as the author put it—is cooked.
If you don't use 2FA then the government can simply intercept SMS code for any phone number. Russian government did it against opposition activists, and it prompted Telegram to add a password as second factor. So any service which allows login or restoring access using SMS (incluging Gmail in default configuration) is vulnerable to such kind of attacks. It seems that people in the West are unaware of this type of attack.
There existed one server which sent the code, so whomever administrated that server could trivially have intercepted it by just modifying the software running there to copy/log it to them.
This could be extremely unfeasible. For example the code could be generated by a third party and encrypted before arriving on a server controlled by telegram and sent to the user. Or it could be generated inside a nitro enclave. Sure ultimately someone could modify the server code somewhere to log the code or any other specific message before it gets encrypted, but at this point we are talking about inserting a backdoor.
There is quite a large amount of people believing that Telegram stores messages in plaintext. I would like to know how they got that idea.
So far the best I've got is something along the line of: if you can get your chats when you log in with a new device, then so can a Telegram employee. With no proof of the claim of course.
If the chat is not end-to-end encrypted, which Telegram “cloud” chats are not, then by definition Telegram (the company) has access to the chats. Full stop.
Something being true only by definition is unfortunately a very weak claim.
For example the company servers could be hosted on an island with armed guards instructed to burn everything if anyone approaches and the decryption happens only on those servers: sure they have access by definition, but they really don't.
The guards could decide they’re not getting paid enough and steal the data. Or the government could arrest them. Or the government could MITM the data center. Or any hundreds of different scenarios.
At the end of the day, the only thing preventing somebody from accessing the data is that they just… don’t.
This is very weak security and it is why cryptographers and security professionals call it “effectively plaintext.”
I am saying that in practice the security might be structured in such a way that it requires several different parties to connive, rendering it essentially fine.
I mean, having to modify server code in order to access data that is "effectively plaintext" is not so different from installing a backdoor inside the client: it's not like the user has any choice of client, so even for apps like whatsapp and signal that run E2EE one is still making a leap of faith.
If we add the fact that everything runs inside an os built by companies who may or may not be constantly spying on their users we could say that by definition there's a lot of stuff in our lives that lives in "effective plaintext".
EDIT: regarding the part about signal and whatsapp I must clarify that of course the possibility of inserting a backdoor on the server side is far more dangerous than the client side: Signal has verified builds so a backdoor would be evident and the user could stop using the service. And the same actually holds true for any app using E2EE if the user simply avoids autoupdating and wait for some confirmation that it is ok to update, at least as long as we can assume that any client side backdoor would be found by independent researchers.
I also want to repeat the original point that started this whole conversation: the point was how easy it would be for Telegram to access the chats and if the justice system can compel them to do so.
When people say it has the data in plaintext, I take as a "they can access them whenever the want right now without changes", and yes of course the could ultimately access the data (in fact they don't claim to be unable to). What they claim (and I believe it feasible) is that even if a judge seized all the assets and servers under his/her jurisdiction it would be impossible to decrypt any user data.
If the only thing stopping them from decrypting your messages is instructions to their own employees to not allow it to be done, that is not a defense against providing access to law enforcement. They can just change those instructions at any time without anybody knowing. Just like they can just change the server software to allow it.
Somehow they must transfer the chat history from their servers to the user. Either it's plain text, or encrypted and they either use the keys to decrypt or send the keys to the user along with the encrypted content. In all cases they can simply access the contents themselves.
I think this statement requires a stronger argument, since even if they could have access to the data in theory there are concrete implementations where it could be extremely unfeasible.
For example, since we are in the realm of speculations, I propose the following alternative to the plaintext or accessible decryption keys: the decryption could happen inside a nitro enclave making it essentially impossible to access the data without changing the application code.
I'm not saying that this is what happens, just that I don't think that one can so easily deduce that "they can access the data" just from the fact that "they send you chat history to you".
The protocol is fully documented. You are free to read it for yourself without resorting to guessing. [1]
Messages are not stored in plaintext. The claim they are stored in plaintext is false.
One can have cogent arguments about one's preference for E2EE or not but the repeated claim here and elsewhere that messages are stored in plaintext is simply hearsay.
No false claim was made, and nothing in that thread was relevant to the analysis of this story or on this thread. I'm very comfortable leaving it there, and that the people who will take my word on none of this mattering are the only ones I need to care about.
> What it means is that European states are going to try to extraterritorially dictate to foreign companies what content those companies can and cannot host on foreign-based webservers
It looks like the author failed to grab that Durov asked for the French nationality and therefore is a French citizen who must comply to French law.
> Telegram is not the only company in the world which has a social media platform used for unlawful purposes
Except Telegram is the only one of those companies which intentionally doesn’t answers to legal requests. All other social networks are cooperating with law enforcers in the countries they operate.
Even Signal is cooperating when asked too. The difference is that unlike Signal, Telegram owns its users data in plaintext.
Also the author fails to understand that the complicity here doesn’t mean that companies in Europe are responsible for their users content. Like in the US, they are responsible if they fail to comply to laws in a reasonable time. Telegram doesn’t comply in a reasonable time since they voluntarily don’t comply at all. That’s a huge difference.
The author wants to cry against the EU lows because EU bad period. "Don't travel to Europe, don't hire in Europe" and so on. The rest is looking for arguments to support his "hunches".
The author is “an adjunct professor of law at Fordham Law School in New York City, where [he] teach[es] cryptocurrency law and practice” [1].
The law professor bit is shocking, given the article basically revolves around it making “zero sense for Durov to do any of these things,” as if criminality is always rational. But crypto has broadly come out in support of Durov [2].
And it all makes sense if Durov is in fact working for the French secret services and his "arrestation" is just a way to protect him from novichok or a balcony fall, and a cover story for how France got hold of the keys to Telegram.
I mean, he got French citizenship despite not fitting any legal requirements, and nobody in the French government has given any explanation on why he got it.
Telegram in the primary communication platform for the Russian forces in Ukraine. That may or may not be of interest to the French authorities, but the fact that it is also used by the Russian mercenaries taking control over former French colonies definitely is. A French citizen aiding Russian military and mercenaries in the French sphere of interest is asking for trouble.
FWIW I've been told it's sometimes also used by the Ukrainian diaspora to communicate with their families back in the war zone.
Tough whatsapp appears to be more popular for that.
>If Telegram receives a court order that confirms you're a terror suspect, we may disclose your IP address and phone number to the relevant authorities. So far, this has never happened. When it does, we will include it in a semiannual transparency report published at: https://t.me/transparency.
The problem here is that authoritarian and Western governments might request the data about opposition activists under excuse of being "drug dealer suspect". For example, what if US requests data on Snowden or Assange?
> Also the author fails to understand that the complicity here doesn’t mean that companies in Europe are responsible for their users content
In the EU, every company is responsible for what their users post on their service. There's a reason you won't find any (or very few) comment sections on the website of EU media and news companies. No one wanted to pay for the moderators needed, so when the law came around most comment sections were shuttered.
Their claim is false. The eCommerce Directive (2000/31/CE), article 14, exempts service providers of liability when they merely act as hosts (eg. comment sections, chat services, you name it), as long as they are not aware of hosting illegal content.
A legal authority (judge) issues a legal request, which must be complied with to the best of your ability. If you don't comply, you're acting unlawfully and thus you're detained by law enforcement (police).
What a brutal slope here. What is the EU's endgame? That they can tell any tech company to implement specific features and backdoors to any product? How much do they pay for those man hours? Is there any examples of companies giving over gigabytes of encrypted garbage, then being told "hey you need to come up with a way for us to decrypt this"
What if it wasn't even encrypted, and was just so many gigabytes of data that the government doesn't have the skill or manhours themselves to wade through it? Can they demand big data tools tailor made per company?
Why can't companies submit software and data to these requests so covered in "cookie consent style popups" that nobody could ever get through it in multiple lifetimes?
2) They try to use arguments about jurisdiction to avoid helping law enforcement with lawful requests
All the other messaging platforms (WhatsApp, Signal, iMessage) have started to use end-to-end encryption to avoid being in this position in the first place. But they also comply with law enforcement and share the data they do have, and don't hinder lawful investigations.
The biggest issue with Telegram is that due to the lack of end-to-end encryption it is a huge security risk; how do you know the operators aren't selling access to your chats to some criminal actor or a repressive government agency? You don't.
I found it interesting to read that their approach is supposedly to split encryption keys across jurisdictions. It sounds like they believe that they should therefore not be able to be compelled to reveal any plaintext because the keys are not in the jurisdiction asking for data, but as far as I can tell this is obviously rubbish, because a computer is not subject to the law, an individual is, and in this case an individual with the power to comply who is seemingly deciding not to.
What's weird is that there aren't really technical blockers to E2E encryption anymore (maybe different 10+ years ago), and with such a weak alternative, you'd expect Telegram to want to switch. The fact they haven't for so long, and have essentially doubled down on their flawed approach suggests that there's a reason we're not privy to as to why they don't want to move to E2E encryption. I'd hope not, and I don't want to throw around conspiracy theories, but when a decision doesn't make sense that's usually due to missing information, and I do wonder what we're missing.
[1] Signal is working to support an encrypted "cloud backup feature" (some hints on this are on their code base), as per "sync" that's already done in the forward direction by Signal (by sending all new messages to all your devices) I'm sure you could provide some sort of backward sync as well.
[3] Signal already supports groups up to 1000 people iirc, I'm sure a read-only channel larger than that could also be doable. [4] I'm not sure why that would not be possible.
I'm not sure exactly what [2] refers too but nevertheless I have some doubts that would cause a blocker.
I used Signal as an example since it's a well known encrypted messenger; although I must acknowledge it's not really a Telegram competitor and vice versa (one is a secure messenger and the other is a social media app).
That said, (proper) E2E encryption makes everything harder to do - again, you can take Signal as example and their development speed. But, I'd argue, is not impossible
> Signal already supports groups up to 1000 people iirc,
Which is where the practicality fails. This is why Telegram is the only app that works in large protests, unlike Signal.
Time and again, Telegram proves that the lack of E2EE actually becomes its strength, as proven by the protestors in Myanmar, Hong Kong, Iran and more countries: https://x.com/Pinboard/status/1474096410383421452
I'm not really against E2EE, but many of us fail to see how E2EE can hurt the usability of the app sometimes, and in cases where it is needed the most too.
Many Telegram groups have thousands of people, which is impossible to do on Signal at the moment. WhatsApp copied Telegram's features, large groups with topics and channels too!
> I'm not sure exactly what [2] refers too but nevertheless I have some doubts that would cause a blocker
1 and 2 are related. You can quickly login on Telegram and have your chats sync instantly, instead of waiting for manual backups or devices to sync. The devices run independently.
> But, I'd argue, is not impossible
I too don't think it's impossible. It's just computationally expensive and comes with limitations for now.
Durov does not want to use the Signal protocol either because he's been approached by the US agencies multiple times to include certain algorithms or libraries inside Telegram, not to mention that Signal itself is funded by the government.
Matrix could be better but it leaks tons of data, has been hacked multiple times in the past too.
What baffles me is why people use a centralised messenger to organise a protest? and the one that is hosted in another country.
And what do you imply 'funded by the government' means for Signal? It's a nonprofit org, app has e2e encryption and clients are open-source. How is it worse than an app owned by an LLC in UAE, with no e2e encryption by default, unknown funding sources and no information about what's going on on the server?
How so? WhatsApp, Signal, iMessage and others all support sending files. File size isn't a factor (assuming you're fine with leaking the metadata of who has received the same file).
Usually it's a power or money profit motive. Just think what tasty things some large corporation or government could do with that data. They could sell ads! Or hold dissidents hostage. All sorts of things.
The fundamental problem we have right know is that we know the charges, but not the factual allegations that underlie those charges.
Put differently, if you wanted to put together a charge list for the head of a large social media company you didn't like, this is what it would look like. If you wanted to put together a charge list for someone actively running the group chat of a terrorist group... this is what it would look like. And same for pretty much every level in between.
Deciding which of these scenarios is more likely is more indicative of your priors of the scenarios than it is of the evidence. Is this the French government going after a fairly innocuous service because they don't like what they provide? Or is it the government going after a service saying "neener neener your laws can't touch us"? Or is it the government going after an individual with tenuous connections to criminal organizations? Or one with solid connections to criminal organizations? Truthfully, we don't have the evidence to distinguish between these scenarios yet, and we should reserve judgement until such evidence comes to light.
The thing is that French law for criminal procedure says that it is secret. So in principle judges and prosecutors don't have to publicly say anything and in fact should not say anything apart from discussing with Durov and his lawyers.
That said, for high profile cases they tend to give some information to control rumors and the media.
I just opened telegram, went to ‘find people nearby’ and was immediately presented with a long list of drug dealers and prostitutes advertising their services. I’m pretty sure that’s not legal
Does your email provider cooperate with law enforcement when they show up with a warrant and want details about an email/account involved in criminal activity?
Did telegram not? They do ban those; the channels and accounts are getting deleted. Some content is available in one country and not available in other countries. Imo we need more data to tell what was happening and how fair these accusations are.
Every once in a while I find a slip of paper in my postbox with the contact info of a local drug dealer. The police can't be bothered arresting them and even if they do such a dealer gets replaced in hours anyway. They use WhatsApp.
I think it's CP that gets Telegram in hot water. Prostitution or drugs bothers noone but pedophiles trading stuff wakes everyone up.
This is a take I keep seeing, more or less, and yet Telegram is not an encrypted messaging service for the most part, and so Durov could have moderated but actively promoted his not doing so; and the crimes this article leads with, as examples of things that’d get you in trouble in the US too, are said to have been prevalent on Telegram.
(Also, maybe it’s nitpicking, but there are very obvious reasons why it’s better to have the Taliban using WhatsApp and the US getting all that metadata and maybe more, rather than the Taliban finding some other channel. If Washington wanted WhatsApp banned in Afghanistan it would’ve happened long ago.)
What I can’t figure out is, are these commentators naïve or just piling on for attention or what?
> there are very obvious reasons why it’s better to have the Taliban using WhatsApp and the US getting all that metadata and maybe more, rather than the Taliban finding some other channel
There are some very obvious opportunities when the Taliban (or enemy de jour, like drug cartels) feel the need to be "finding another channel".
"Hardened encrypted devices provide an "impenetrable shield against law enforcement surveillance” and are in high demand by TCOs (transnational criminal organizations), thus the shutdown of Phantom Secure in March 2018 left a vacuum for TCOs in need of an alternative system for secure communication.
Around the same time, the San Diego FBI branch had been working with a person who had been developing a "next-generation" encrypted device for use by criminal networks. The person was facing charges and cooperated with the FBI in exchange for a reduced sentence. The person offered to develop ANOM and then use his contacts to distribute it to TCOs through existing networks. Before the devices were put to use, however, the FBI, and the AFP had a backdoor built into the communication platform which allowed law enforcement agencies to decrypt and store the messages as the messages were transmitted."
I'm still seeing drug busts here in Australia that're attributed to An0m (or which look extremely likely to have used An0m as part of the investigation).
> Summing up: for the time being, if you run a social media company, or if you provide encrypted messaging services, which are accessible in France, and you’re based in the United States, get out of Europe.
If you make a mockery of the law enforcement's requests made within the scope of the local laws then yes, you should get out. Especially if you show your middle finger to the country you visit and hold citizenship of.
Durov has money to buy citizenships that allow him access to most of the world without needing to obtain a visa so I'm sure he has a well-paid legal team that proactively monitor the situation. He may have been informed of the legal noose tightening around his neck and chose to go to France for one reason--France does not extradite its citizens and he happens to hold French citizenship. This puts him out of the reach of other jurisdictions (e.g. the US) and he may be hoping for a deal and better food. We should wait for official information from the French authorities as well as for news of people connected to him and his businesses falling out of windows. The former will explain the latter.
> If, however, the French are simply saying that Durov’s failure to police his users or respond promptly to French document requests is the crime (which I suspect is the case), then this represents a dramatic escalation in the online censorship wars. What it means is that European states are going to try to extraterritorially dictate to foreign companies what content those companies can and cannot host on foreign-based webservers.
This completely ignores that the amount of criminal activity on Telegram in Europe as well as parts of Asia in itself has been escalating. The author is coming at this from a US-based point of view, which is fine, but unless you're particularly interested in the topic it's difficult for Americans to be aware of the scale of Telegram's role in criminality elsewhere, as this does not seem to be the case in the US. Maybe someone here knows why Telegram is not as core to organized crime in the US, and what communication methods are used there. But it's clear that in Europe and parts of Asia, its role is massive, and has been growing and growing without a limit in sight. This is easy to underestimate.
In these parts of the world, the scale of it is of a completely different magnitude than criminal activity on e.g. Facebook, which the author brings up but is a misguided comparison. And that's ignoring the relative percentages of legit vs criminal activity, which are inverted (if not worse) between the two platforms, because that's not as important.
Scale and absolute numbers, the absolute detrimental effect on society, matter.
I don't see this as an escalation because there was always going to be a line somewhere. A line where the amount of criminal activity on a platform, which when crossed , was going to cause arrests. Telegram's continuous growth in this aspect means that the line has now been crossed.
And in reality, this line exists anywhere even in the US. It might be higher, but it's still there. The idea of not having such a line is clearly insane - that would mean no matter if something completely destroys society, we're going to let it pass. Such lines are almost never enshrined in law, for obvious reasons. They only become visible to everyone as they are crossed.
If I open telegram and go to ‘find people nearby’ I am presented with a long list of drug dealers and prostitutes advertising their services. So they not only help with communication, they help with advertising, and since this is all public, they can’t really say they’re not aware
Trying to understand his legal situation by analogizing with US law understanding strikes me as some real Dunning-Kruegering. Surely someone like Preston Byrne has someone he can reach out to to get a better understanding of the actual French legal situation Durov is in.
Reading the article I was baffled to see all this talk about section 230 of communication and decency act. Telegram moved from Russia to Dubai and Durov was arrested in France.
Using the US hammer on a foreign nail gives vibes of Team America - World Police parody.
Yeah, a lot of people, commentators, HNers, Redditors invoke US laws and procedures as reasoning and for comparison. Which is bordering on the useless - okay, you think he wouldn't have been arrested in the US, cool, what does that actually tell us about him being arrested in France? Nothing? You didn't even bother to look up how warrants and arrests and criminal proceedings work in France? Thank you for wasting my time with your commentary.
The article was written for the benefit of Americans with business operations in France, so understanding why America is way better than France to run a social media company is relevant information.
That the article wound up being circulated to a bunch of Europeans who thought it was an article about French law after someone posted it on HN is something of an accident; the article isn't for them (unless of course they're planning on starting a social media company, in which case leaving Europe and setting up shop in America on a permanent basis would be recommended). The very fact of his arrest is enough for Americans to know to steer clear of the EU going forward.
There is plenty of legal background for France (and Europe more broadly, eg the German NetzDG) there if you'd care to read the piece, including reference to numerous censorial provisions of French law which make France suboptimal vis a vis the U.S. for social media operations including Loi no. 2020-766 du 24 juin 2020, the EU DSA, and the applicable French aiding and abetting statute, the last of which would not have been usable against Durov in the U.S. absent specific intent to commit an unlawful act.
The conditional immunity under the DSA is also not as comprehensive as the broad immunity under Section 230, but that was out of scope so I didn't get into it. I do admit the piece assumes some familiarity on the part of the reader with the existing problems around the EU regulatory schemes relating to speech and content removal.
If you have any constructive suggestions I'll be happy to consider including them and giving you appropriate credit, just chuck them in the comment section. tl;dr though, in my view, France is not a great place to incorporate and run a social media company.
People who whine about Redditors are like people who whine about anime being for pedos. They're almost always what they complain about.
You managed to avoid being supposedly insufferable by refusing to parrot that Dunning-Kruger has been disproven, yet you still insisted on being actually insufferable by doing this whole performative holier-than-thou dance, to then end on a strawman (no, they did not say what you or the author can or cannot talk about).
Why? Do you legitimately not have even a shred of self-reflection? Or should I allege you're an "NPC", if that's maybe closer to your vernacular?
More and more proof is coming out that Pavel Durov has secretly traveled to Russia more than 60 times between 2014 to 2021. If so, it's close to impossible that he does not cooperate with RU security services. It's either co-operation or he'd be kaput.
Furthermore, after his failure with his crypto project in the United States, he returned to his homeland, and the Kremlin immediately "unblocked" Telegram. The next day, Durov promised investors to pay off the debts. Quite a coincidence.
Telegram also has taken down various channels from one side of the global conflict and not others. For example, he took down the channel of Iranians protesting against the dictatorship in 2017, but he refuses to take down the channels that sell child *pornography, drug$, human trafficking, or Ru$$ians posting videos of beheading Ukrainian POWs, etc.
This whole situation is really complicated, to say the least. Freedom of speech is paramount, but in times of global information warfare, it's not really possible to stay neutral as the owner of the top communication platform. Especially given the horrific stuff that’s being done on this platform.
He says he is neutral, but the facts indicate that it's not quite true. And it’s understandable from the aspect that his life is probably at risk if he doesn’t cooperate. So, it seems he's just trying to navigate a delicate balance, maneuvering between conflicting pressures. Prison is not great, even if it’s French, but Europe is less likely to give him novichok tea, so he apparently chose to work with the other side.
Why are so many people taking this at face value? There's a war going on and the man in charge of the communications system for one side flew to try to meet his leader and then flew to an enemy country where there was a warrant for his arrest.
I'm not saying the French aren't serious about the charges they've published but they're hardly the main point.
Yes, the situation is strange. According to many sources the following is true:
1) Russia uses Telegram for military communications.
2) Russian military bloggers use Telegram for detailed updates, including graphic pictures.
3) Ukrainian military bloggers do the same.
4) Russian mercenaries use Telegram in former French colonies in Africa.
France may want to shut down 4), but I would think that Western intelligence services would not want to shut down the uses in the Ukraine conflict because they can track everything. So maybe they just want a better tracking API.
They would want to shut it down in preparation for a large Middle East war though. In that case, they'd prefer hand picked CNN embedded journalists and not have graphic pictures appear freely.
Lavabit was mentioned here. Perhaps Durov should just announce to shut down Telegram and find out if certain forces beg him to continue the service.
Ukrainian military bloggers use it, their public persons use it and while there is probably an an order that dictates not to use it - I really doubt it is being followed completely considering the vast majority of Ukrainian military are yesterdays conscripts and not professional soldiers. Some of them drink, some of them sell their equipment, some of them gamble.
I really doubt they don't use telegram. Maybe it is not systemic but neither this is for Russia.
Our military's comms are over Matrix/Element, Whatsapp, Signal (in the descending order of significance.) Officers are trained to avoid Telegram just like the other known-to-be-compromised communication channels.
I see this argument a lot, but it falls apart when you realise Ukraine also extensively uses Telegram. Maybe not for official state business (Zelenskyy chatting with his intelligence chief), but many times officials communicate with civilians via Telegram channels.
That's just wrong. Telegram is trusted by both Ukraine and Russia. That tells a lot. Also I am living near Russian border and remember well how Durov left Russia and I am quite sure he is not puppet of Putin...
Imagine that Ukraine used a US messaging system for military comms. The head of that company visits Serbia (a country friendly to Russia) and is arrested on some charges that you don't agree with. Will you debate the charges or the consequences for Ukraine?
Maybe it's because I live very close to Russia and most of the people here probably don't think about the war every day, but the strategic reality of this situation makes all these privacy arguments so trivial.
I need to see this happen to someone other than Durov to consider that it's not about the war. While it's only Durov then I really don't think he's discussing privacy issues with the French - they are discussing his access to Telegram's systems and his ability and willingness to give that to the allies of Ukraine. Likewise in Russia they are not discussing the privacy issues, they are trying to lock Durov out Telegram's systems and the military and intelligence services are working on alternative ways to communicate, and meanwhile the effectiveness on the battlefield of the Russian army is compromised.
Speaking of Serbia, it's interesting that Macron is about to spend 2 days there, officially for the matters of selling fighter aircraft, nuclear reactors, and something about «AI»...
Now, of course that this happens just after the arrest of Durov might just be a coincidence, but you would also think that Macron might want to try to postpone that visit, especially considering the heating up political situation at home :
After Macron dissolved the assembly after very bad for his party European elections, the Left bloc won the legislative elections... but then Macron, after nearly 2 months, just declared that he refused the prime minister they selected, leading to an obviously pissed off Left bloc, most of which is calling for manifestations, and its leading party - basically starting an impeachment procedure against Macron !
The speculation on this situation is crazy. People are losing their minds over the idea of Durov being arrested over crimes committed on his platform, but we don’t even know the details. For all we know he could have been completely complicit. Hold your horses people.
This and in addition, I have not seen proof that he knew about a pending arrest when he went to France. Many commenters and media paint him somewhere on the spectrum between arrogant and stupid, when it is not clear at all that he had a chance to avoid the situation.
I don't know him but the idea that an individual CEO would be handled in this way seems extreme and calls into question the actual motives of the French government.
> For all we know he could have been completely complicit.
I guess he could be an international terrorist drug dealing pimp.
> Hold your horses people.
The French governments actions and communication on the subject has created this environment. They can easily alter it if they choose.
It's not for the government to communicate, and criminal investigations are secret in France. So prosecutors don't have to make any public statements or release any documents (and in fact they shouldn't) but in such high profile cases they are likely to make a general statement to placate the media.
The man has four passports and I'm curious about how he got the French one... This is on his Wikipedia page:
"Durov was naturalized as a French citizen in August 2021, giving him European Union citizenship. Le Monde described the naturalisation as "mysterious", since Durov had not resided in France apart from brief visits. Le Monde suggested that Durov was naturalised via the rarely used "merit foreigner" procedure that is awarded directly by the French government to people viewed to have contributed exceptionally to France's international influence or international economic relations." [1]
Seems obvious that there is much more than meets the eye...
He wasn't arrested by the French government. He was arrested by the law because he's a French citizen who provides a service used by criminals, and he has refused to act on lawful requests.
Reading the charges, one jump to my mind as being scary:
"Importation d'un moyen de cryptologie n'assurant pas exclusivement des fonctions d'authentification ou de contrôle d'intégrité sans déclaration préalable."
- Import of a cryptographic mean that does not exclusively perform authentication or integrity control functions without prior declaration.
This to me is a deeply disturbing charge, would that mean that using full disk encryption I'd be liable to be charged with that? Did the maintainers of LUKS do a prior declaration? If not are they likely to be charged if they ever travel to France?
After all, I can fully imagine a server being seized in a data center being encrypted with LUKS. In that case, is it the fault of the maintainers?
He starts by saying that in the US, social media owners are not responsible for crimes committed by their users. How does that relate to the Kim DotCom case? Is piracy treated differently?
Telegram’s End to End Encryption by default is disabled, only available for one-to-one conversation. My ‘guess’ is that most of group conversions are pretty accessible on telegram servers, which might be the case here.
This article repeatedly referred to Telegraph as "encrypted" ("have full encryption on their services", "when you’re running a globally accessible encrypted platform"), which seems misleading, if by default, it is not end-to-end encrypted.
I think the idea is that Telegram servers are encrypted with keys that Telegram itself has access to (just distributed to different countries) - as opposed to e2e encryption.
The fact that the French president invited Durov to dinner and then arrested him, is so strange. They want to control Telegram, the arrest is just an excuse.
Strange, I haven't found any articles that mention the "Find People Nearby" and "Make Myself Visible" features, which seems to be core features criminals use to sell drugs/sex, finding new random clients in the area.
The public non-encrypted aliases or bio of users often contain wordings that explicitly spell out they sell drugs or sex.
For instance, one alias is "WEED COKE MDMA SPE..."
I don't have a clear opinion on whether drugs or selling sex should be illegal or not, can see pros/cons, but my opinion is irrelevant, my point here is that Law Enforcement, might find this very problematic, that there is obviously no moderation here.
Articles about Telegram and similar encryption problems always tend to hit the very manipulative topics. Terrorism and CSAM are always used. The four horsemen methodology for control.
The point is to emotionally manipulate the audience into complicity. To cause people not to question the underlying privacy and legal issues.
Instead they want the reader to have thoughts of large numbers of people, in organized networks presumably, that want to cause terror to them or harm to their children.
This causes a reaction in many people to forget about basic rights and focus on the fear they have been given instead.
I'm sure France and the U.S. have a million reasons to want this data from the Ukraine war, to probably some cases of the things they claim. However, it is definitely exaggerated and no one should be willing to trade the ability to communicate privately out of some fear that people who want to harm you are also able to communicate privately.
None of it really makes any logical sense because at the end of the day, to end all encryption means the Government would have to basically criminalize math.
So of course they rely on the reliable methods of emotional manipulation. I mean, they should have a blank check to go after this guy and anyone else, right? You don't support terrorism do you???
I see contradictory statements: some media report that warrant for Durov brothers was issued in March 2024 [2], yet, france24 [1] claims that:
> In a subsequent statement, Paris prosecutor Laure Beccuau said Durov was arrested as part of a probe into an unnamed person launched by the office's cybercrime unit on July 8.
So the probe was launched in July, but the warrant was issued in March? I do not understand that. Was warrant issued on a different case? Is information about warrant incorrect?
But specifically, the issue with the likes of today's Facebook and Twitter (no idea about Telegram) is that they do NOT «just passively host the content», in fact they started to actively engage into its editorializing as soon as they switched to using «algorithmic feeds» !
This has even been a pretty big legislative battle in EU a few years ago, when there were attempts to try to legislate «3rd way(s)» between the extremes of dumb hosting and online newspaper :
Telegram allows everything and anything, including unsavoury/illegal content (supposedly you can report it and it gets taken down, but potentially the whole crux of the issue Durov was arrested over was that it's not enough/fast enough/law enforcement can't report). There are channels from Russian and Ukrainian officials making official announcements (today our city of X got hit by missiles, please go to ABC if you need help), there are Russian officials using it for official communications (including military and intelligence). There are paramilitaries and other such groups using it for internal and external communications too.
> Telegram allows everything and anything, including unsavoury/illegal content
Which is simply wrong. Telegram is heavily banning users, channels and groups (if reported I assume) the difference is that they don't apply American morals but something a bit more open than that.
To give you a concrete example, it strictly follows basically the same morality terms for porn as onlyfans or pornhub (except the copy right that is)
e2ee is not a panacea. Law enforcement is more interested in metadata than content: who messaged whom and when, which account corresponds to which phone number etc. This data is still sitting on whatsapp and signal servers, so not much safer than telegram. I'm looking at Element now: at least it doesn't ask for phone number and I can host my own server.
Here, the French government is accusing Durov of being complicit with – i.e. aiding and abetting – criminal activity and also unlicensed provision of “cryptological” software, with encryption products subject to prior government authorization before their use in France will be approved.
Another danger here is that other governments (eg Russia China) might respond assymetrically (or even exactly the same) against other CEOs of companies that give agency to narratives they are not happy with. For example by kidnapping them and constructing some bogus charges, using this instance as a precedent.
Is this an unintentional war by Europe on facebook, signal, etc? What will the outcome be? Will these services leave Europe? Will Europe change the rules ?
It seems not yet. Signal is e2e encrypted data which telegram is not, Facebook has regularly collaborated with authorities, which apparently telegram did not. Every case is different.
I think TFA is ignoring the usual practice of prosecutors everywhere to stack accusations with a bunch of things which won't stick.
Nonetheless, France has been flirting with extended internet censorship for a while.
He did not know that he would be arrested there. The plane tried to leave Paris airspace at the last minute, but it was too late. Durov should have known that he could be arrested. Basically, arrogance and wishful thinking, complacency, believing in "democracy". Still, UAE will probably get him out.
I really wish people who don't know anything would shut up and wait for the GaV to end and the Ofmin judge statement before getting any conclusions.
Yes, France is more and more corrupt, the fact that they deny anticor the right to pursue lawsuit against companies and politicians since 2023 is proof, but this arrest in particular seems well within the legal system (if he is kept under surveillance for more than 96 hours however I will agree with the author, but frankly it's a 'broken clock right twice a day' kind of agreement)
Or the EU and France allowed its citizens to gain services from a foreign company, Telegram, and did nothing to stop them? Russia at least tried to block them.
“Summing up: for the time being, if you run a social media company, or if you provide encrypted messaging services, which are accessible in France, and you’re based in the United States, get out of Europe.”
Yeah, Europe is becoming more and more authoritarian and less and less demoractic.
The Netherlands, the host country of the ICC, in 2021 made a law that anyone that works in a job with an obligation to secrecy cannot be prosecuted for lying under oath in a court. They cited an example of a lawyer client confidenially. They did not however, talk about the fact that now everyone in government can lie under oath in court. This undermines the very functional principle of a court of law. Lovely for the ICC.
In addition, they created an organisation called the RIEC, with does not have a natural person as it's presentative, which under Dutch law means that it cannot be taken to court by anyone. The gave this organisation control over not just criminal investigations but "interventions", which have no definition and can be anything. They can do anything against anyone and not be held accountabile. And typically they do this through weak civilian proxies for further deniability.
There's a 6x part Dutch documentary where it shows that 9 innocent people were sent to jail on fabricated evidence. One committed suicide. The Dutch will not re-open this case and the responsible person (The former head of the organised crime unit in Arnhein) is not the president of the court of Maastricht. Not fired, promoted.
Except Google is taking down any illegal data they are asked to takedown or to give to law enforcement.
Durov is not arrested to have hosted illegal content but to deliberately have not do anything against it when asked to.
If you did something illegal via Gmail and the law enforcement asked for your mails to Google, they’d give them. Telegram voluntarily did not.
Note that Durov/Telegram could have been easily protected against this by using E2E encryption and therefore not becoming the owner of the data on their servers.
> Note that Durov/Telegram could have been easily protected against this by using E2E encryption and therefore not becoming the owner of the data on their servers.
If you literally have plaintext documents responsive to criminal inquiries in a jurisdiction you are subject to, we don't reach the "internet censorship wars". You're in a place not dissimilar to a 1970s telephone company; the "random people can't simply declare themselves above the law wars". Don't be in that place. Encrypt end-to-end.