I believe the OP was referring to the fact that you have no assurance the application binary you receive on mobile is the same as the public open source version. This goes hand in hand with a third party audit.
Whether or not it's open source doesn't mean much if you can't audit it. Open source counts if you're a developer and can read the code to see that a piece of software isn't e.g. calling home with user credentials in cleartext and storing them or worse.
But this is a custom cryptosystem. Most people can't audit it, and the people who can are not going to use their (extremely lucrative) skillset on the software without personal investment like "I want to use this."
Are they going to pay a consulting firm like Riscure to completely audit the codebase? No? Then it is insecure until proven secure. Open source isn't good enough.
Okay, this problem of binary verification you should blame on Google and the Android app ecosystem. At least on Android, if you install the apk yourself with Telegram and TextSecure you know exactly what you are running. For everything else, you have no clue.
> if you install the apk yourself [...] you know exactly what you are running
No, you don't. You know what you're running only if you compiled the sources or if you can compare the binary signature with the build of someone you trust (you or others that built from sources).
Indeed. Or to go further, you can't trust even compiled sources you place on dev mode device if you didn't also compile the entire OS and drivers. Still, not Telegram/TextSecure's fault
I think that since these programs are all about security, they do have some obligation to securely distribute their binaries, more than a torchlight app. For example, I'd be more at ease if the binary distributed by Telegram had the same signature present in a document signed by whoever did the audit (maybe it's even like that, I don't know).
Of course I still have to trust my OS, but if the OS is compromised I have utterly lost.
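The two checks described in this thread (comparing the downloaded binary against builds made by people you trust, and against the hash an auditor vouched for) are both hash comparisons, so they can be done in one script. The following is an added example, not code from any of the commenters or from Telegram/TextSecure; the APK bytes, the builder names, the audit statement and the quorum of two are all constructed for illustration, and it assumes the audit document's own signature has already been verified out of band.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed stand-in for the APK bytes actually downloaded from a store.
# Not a real application; any byte string works for the demonstration.
DOWNLOADED_APK = b"PK\x03\x04 constructed-apk-contents v1.2.3"


def sha256_hex(data: bytes) -> str:
    """Digest of an artifact, as published in build manifests."""
    return hashlib.sha256(data).hexdigest()


# Hashes published by parties who built the app from source themselves.
# Constructed: "builder-a" and "builder-b" reproduced the download exactly,
# "builder-c" ended up with a different binary.
INDEPENDENT_BUILDS = {
    "builder-a": sha256_hex(DOWNLOADED_APK),
    "builder-b": sha256_hex(DOWNLOADED_APK),
    "builder-c": sha256_hex(b"PK\x03\x04 different build output"),
}

# Hypothetical audit statement: "we reviewed the code whose build has this hash".
# Assumes the document carrying it was signed by the auditor and that the
# signature was checked before this script is run.
AUDIT_STATEMENT = {
    "auditor": "example-audit-firm",
    "version": "1.2.3",
    "artifact_sha256": sha256_hex(DOWNLOADED_APK),
}


@dataclass
class Verdict:
    artifact_sha256: str
    reproduced_by: list = field(default_factory=list)
    not_reproduced_by: list = field(default_factory=list)
    matches_audit: bool = False
    trusted: bool = False


def verify_artifact(apk: bytes, builds: dict, audit: dict, quorum: int = 2) -> Verdict:
    """Trust the artifact only if at least `quorum` independent builders
    reproduced its exact bytes AND the auditor's statement names that hash.
    A single matching party is not enough: one compromised or lazy builder
    could simply republish the store's hash."""
    digest = sha256_hex(apk)
    reproduced = sorted(name for name, h in builds.items() if h == digest)
    not_reproduced = sorted(name for name, h in builds.items() if h != digest)
    matches_audit = audit.get("artifact_sha256") == digest
    trusted = len(reproduced) >= quorum and matches_audit
    return Verdict(digest, reproduced, not_reproduced, matches_audit, trusted)


def main() -> None:
    good = verify_artifact(DOWNLOADED_APK, INDEPENDENT_BUILDS, AUDIT_STATEMENT)
    print("store download:", "TRUSTED" if good.trusted else "UNTRUSTED",
          "reproduced by", good.reproduced_by, "audit match:", good.matches_audit)

    # A tampered download (one byte appended) matches nobody.
    bad = verify_artifact(DOWNLOADED_APK + b"\x00", INDEPENDENT_BUILDS, AUDIT_STATEMENT)
    print("tampered download:", "TRUSTED" if bad.trusted else "UNTRUSTED",
          "reproduced by", bad.reproduced_by, "audit match:", bad.matches_audit)


if __name__ == "__main__":
    main()
```

A caveat when applying this to a real Android download: the store may re-sign the APK (Play App Signing), so a raw digest of the store copy can differ from a developer's build even when the code is identical; reproducible-build tooling for APKs therefore compares the contents with the signing block removed, or compares against a build signed with the same key. The quorum logic above is unchanged either way.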
The scenario that merits trusting the OS, or app store, is one that assumes you are not individually a target. This means you trust Apple/Google and US/EU. I don't know, I could see there being reason for scenarios that fit this use case but have trouble bringing any to mind other than making fun with crypto to feel better about yourself, or just muddying the lines for the FBI. If you're an activist, most definitely you fall outside this scenario and shouldn't be using these phones.