Facebook fell flat on its face on Wednesday, which seems to have led to Telegram having a busy, busy day.
On Thursday, the founder and CEO of Telegram – a popular encrypted messaging app that describes itself as the “more secure alternative” to common messaging apps like WhatsApp – announced that it had picked up three million new users in the past 24 hours: a period that coincided with nearly a day-long, worldwide outage at Facebook.
The outage brought down not only Facebook’s core service, but also its Messenger, Instagram and WhatsApp services. On Thursday, Facebook blamed a misconfigured server:
Yesterday, as a result of a server configuration change, many people had trouble accessing our apps and services. We've now resolved the issues and our systems are recovering. We’re very sorry for the inconvenience and appreciate everyone’s patience.
— Meta (@Meta) March 14, 2019
Telegram CEO Pavel Durov announced the fattening of the user base on his personal Telegram channel. The three million newcomers added to what the service said was 200 million active users as of March 2018.
Of course, we can’t say for sure if the Facebook outage actually caused the 3m user uptick. Maybe the two just happened to coincide. Durov didn’t mention what the typical, non-Facebook-flattened new-user signup rate is. At any rate, in any given week, there are multiple news stories that might cause users to seek out a messaging service that doesn’t suck their data blood like a cyber vampire.
Telegram is a free, encrypted messaging service that’s similar to WhatsApp, except that it doesn’t slurp up users’ data in order to make money from targeted ads. Rather, it runs on user donations.
Durov has insisted that the privacy of Telegram users isn’t for sale. In spite of having known since as early as 2015 that terrorists use the app, the company has resisted governmental pressure to hand over encryption keys. Doing so, Durov has said, would just prompt such users to move to another app.
Eyes wide open
While that’s admirable, Telegram isn’t the be-all and end-all when it comes to secret messaging. It’s had its critics and its glitches. Encryption and security experts have questioned whether Telegram’s encryption is, in fact, better than alternatives.
Telegram has also had its share of vulnerabilities. In August 2016, for example, there was a data leak in Telegram’s MacOS X version. Text that was copied-and-pasted into the app was also written to the file /var/log/system.log
, better known as the syslog, creating a sort of ad hoc and unnoticed backup of anything pasted into it.
Just a few days after that leak came to light, news broke about hackers targeting Telegram’s SMS activation to expose activists and journalists – an attack that compromised the accounts of more than a dozen activists, journalists and other people in sensitive positions in Iran.
Then too, in February 2018, researchers uncovered a bug that enabled Telegram to be conned into displaying filenames backwards – a trick that crooks used to display a JavaScript malware executable as an innocuous .png
file.
But hey, what can you expect? As Naked Security’s Mark Stockley has noted in the past, it’s software, it’s made by people, it’s used by people, and it’s subject to flaws, super-secret-sauce or no. As Mark puts it:
It might be better than the next best thing, but that’s all it can ever be, better.
Casper
Why not use Signal as a crypto text and voice alternative? I. am not aware of them having security problems. It’s a good product
V
If only Signal had as good UX as Telegram. Convenience trumps security.