Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
DrKLO
committed
Dec 24, 2013
1 parent
d2a6fa4
commit 4f9384a
Showing
1 changed file
with
1 addition
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
major fix :D
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so, what's the price of this bug? ;)
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
who said that it's a bug?
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
http://blog.hackapp.com/2013/12/telegram-secret-chat-geolocation-leak.html?showComment=1387922480431
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Geo-location data from user to user was unencrypted and could be stolen
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So what? All geo-location data from mtproto server to client is encrypted, it's just map preview around some geo location. There is no information in which app it was opened or something else. This could be you browser or other app. This is not bug at all. Discussion closed.
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder how many more backdoors does Telegram have disguised as "bugs" or even "not bugs".
Or, if it really was a "not bug", you clearly have no idea about how privacy can be compromised and therefore can't be trusted with protecting it.
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The human factor in this case is not good.
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Dudes, as he said, the location is encrypted with mtproto,
its just the connection to the maps servers which wasn't protected. You could also visit maps and share location without https and it would have the same effect.
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bytheway nice security fix. :)
it was only one s! :D 👍
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hardest fix ever :D
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
motherOfGod.. what a fix!
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What a price for this major fix?) Who knows?)
4f9384a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
omg
i'm sorry
but he genial