Saturday, November 28, 16:48
Home inet Telegram leaks IP addresses when sliding

Telegram leaks IP addresses when sliding

Telegram is a communication application that allows the creation of encrypted chat rooms and encrypted calls via the internet. It calls itself a secure and private application, but one researcher takes the opposite view. It states that with the default settings, the application reveals the IP address of the users when they start a call.

This is caused by the Telegram's default setting, to make calls using P2P (point to point). When P2P is used to make a call, the IP of the dial-in user is displayed in the application's console logs. However, the console log does not exist in all applications. The version of Windows does not have a console log while the version Linux he's got.

The Telegram application gives users the option to disable p2p for their calls by changing the setting through the application's settings, Settings -> Private and Security -> Voice Calls -> Peer-To-Peer, and changing it to Never or Nobody. By changing this setting, all calls will be executed via the Telegram server, which although it hides the IP, may alter the sound quality.

The problem, however, is in the desktop version of the app, as the app does not have the corresponding configuration in the Android version, and can not be changed. This means that IP leakage at the beginning of each call is inevitable for this release.

The security researcher Dhiraj, who also made the discovery, informed the Telegram and published a proof of concept video showing that 3 shows different IP addresses during the call. The first is the Telegram server IP, the second is the user making the call, and the third is the IP of the called user. The Telegram gave Dhiraj 2.000 euros for his finding, and he declared vulnerability with the code CVE-2018-17780.



Please enter your comment!
Please enter your name here

In a world without fences and walls, who needs Gates and Windows


How to choose which extensions will appear in the Edge toolbar

Extensions to Microsoft Edge can make your browser more useful. But sometimes you may not like it ...

COVID-19 vaccines: North Korea hacks drugs

South Korea, to be precise, its intelligence service, has thwarted North Korea's efforts to invade South Korean companies ...

Drupal: Security updates to deal with exploits

The developers of the Drupal content management system (CMS) have released emergency security updates due to the availability of some exploits, which can put in ...

How to disable "Get even more out of Windows" in Windows 10

Does it bother you that "Get even more out of Windows" appears every time you update to Windows 10? May be...

The US military is investigating "telepathic" communication technology

The U.S. Army Research Bureau is funding a new study on how brain signals could ...

Canon acknowledged the ransomware attack in August

About three months later, Canon publicly confirmed the ransomware attack it suffered in early August, which affected servers ...

Hackers love expired domains

Sometimes, website owners do not want to continue to have a domain name and allow it to ...

Word: How to add the same text to multiple documents with one link

Microsoft Word makes it easy to add the same text to multiple documents. This is especially convenient for text with special formatting, the ...

Black Friday: Cybercriminals are monitoring your shopping

Due to the conditions that have emerged from the pandemic of COVID-19, the online shopping will be particularly high on Black Friday and ...

US fertility: Ransomware attack on the largest fertility network in the USA!

US Fertility, the largest fertility network in the US, announced that some of its systems were encrypted in an ransomware attack that ...