E2E mobile encryption, is it still safe?

[Cr4ck3r]

I came across a this article about Telegram being hacked by the Chinese government

https://www.forbes.com/sites/zakdoffman/2019/08/25/chinese-agencies-crack-telegram-a-timely-warning-for-end-to-end-encryption/?fbclid=IwAR2swwU335M3uUIQMCbiqiNxgPMYrLCwPW8e3NP9oT9yhClhMunSSDYSWio#3d658f976342

Share your thoughts about it.

[Freak]

While this is obviously a very severe issue for Hong Kong protesters, I'd say that while this is un-patched, Telegram is still safe for the vast majority of regular users. The vulnerability only leaks the phone numbers, so it's only unsafe if you're being targeted by an authoritarian regime that would indiscriminately prosecute without specific knowledge of your communications. You can even then use burner phones to get around it entirely, though as the article notes, this would present challenges for things like protest organization. 

As for Telegrams encryption itself, it sounds like they use an algorithm which uses AES and RSA, so barring any kind of back door in the app itself, I highly doubt that any government in the world could crack it yet.

Still very scary for the Hong Kong protesters though. It just demonstrates that even the slightest vulnerabilities can have repercussions when dealing with highly sensitive information.

Edited August 27, 2019 by Freak