Good for Telegram. I haven't downloaded and installed their App yet, but I applaud their effort at putting out a secure chat app that everyone can use.
I've been using TextSecure for a while (as everyone on HN ruthlessly suggests) but guess how many encrypted texts I've sent? 0. That's because they have no iOS app and very few Android users.
There are two problems when it comes to creating a good, secure messaging app: strong, proven security and popularity! Hopefully Telegram either solves both or forces TextSecure to solve the latter.
I applaud their effort at putting out a secure chat app that everyone can use.
They aren't making a reasonable effort to put out a secure chat app. If they were, then they would use some of that $200k to hire a company like Matasano to fly out and audit their architecture for flaws. Matasano probably would've caught this bug, because it was a pretty basic mistake.
Not sure hiring a US security firm is a safer approach than crowdsourcing using the power of the global community.
After all, Matasano's tptacek obviously did spend some of his time inspecting and criticizing Telegram this week. However, he overlooked the 100K vulnerability that was later discovered by a Russian guy who considers himself a newbie in cryptography.
The other reason that makes me somewhat reluctant to spend money on hiring Matasano is the recent RSA-gate (and the strange role of tptacek in it).
I understand that you care about Telegram and want to defend it when it is attacked, but comments like this are inappropriate and will damage Telegram's reputation.
It is unfair to imply incompetence on tptacek's part given only that he spent some finite amount of time looking at your protocol and did not find the nonce vulnerability. It is also unfair to say that he didn't find any vulnerabilities despite the potential for a 100k reward as the potential for such a reward (outside of your specific contest) had not been stated clearly.
If you do in fact have evidence that tptacek was involved in RSA's deal with the NSA, you should state your accusations explicitly and provide that evidence. If you do not, I think the accusation is inappropriate and certainly counterproductive.
That said, I very much appreciate the resources you are donating to open source crypto software. It is undeniable that the potential for a 100k reward will send a lot of eyes to your source code. I would encourage you to also consider hiring a security firm (US based or otherwise) and to consider how your comments will affect public perception of Telegram.
Wow, you really are as arrogant as you seemed. I'm sorry I'm normally not rude, but attack tptaeck like that? That's just pathetic mate.
Oh, and the vuln was outside your contest. You gave him 100k, instead of the 200k because of that. No one knew that you'd pay out if they found something outside your competition. So saying that people here looked at it but missed that vuln because they didn't claim the reward is disingenuous -- it was outside the contest.
So, to make it clear, do you imply that "professionals" are just bragging that they know what's better, but they're not much when it comes to the real deal?
Matasano is known crypto company, why would they volonterouly spend their working time fixing telegram for you? Hire them formfew days to see them in action.
I don't mean to sound snide, but judging from your comment history on Telegram related posts, are you really the right person to determine what "reasonable effort" means in this context? Every single post you make is biased negatively towards Telegram.
What I applaud is their effort here and I hope it continues and moves in the right direction. This announcement makes it seem like they are in fact moving in the right direction.
If you don't think "hire people that know what they are doing with crypto" is better advice than "have a contest that doesn't even prove security under known plaintext attacks and pay out $100k to someone who finds a MITM attack to prove you're serious", you're actually not qualified to determine who the right person to determine "reasonable effort" is. I know I sound like a complete jerk, but that's just the honest truth.
The fact is that it is highly inappropriate to have a new, completely unvetted cryptographic protocol in a context where people are relying on it to provide actual security, and they are flat-out ignoring advice from talented and knowledgable people.
This announcement makes it seem like they are in fact moving in the right direction.
Why? Because they're literally paying people to like their product? This developer who found the bug wasn't even trying to get any money. He was, by his own admission, a cryptography newbie who happened to be looking over their protocol and found a serious bug. Now they're throwing money at him. How is that in any way a good thing?
>they're literally paying people to like their product
I don't think this statement is reasonable. Are you suggesting that they gave the 100k reward out because they wanted the recipient to like their product?
>Now they're throwing money at him. How is that in any way a good thing?
I think bug bounty programs have a track record of efficacy. Do you disagree?
I meant they're giving out $100k because they want more people to like their product. If they cared about security more than getting users, then they wouldn't intentionally ignore advice from every crypto expert.
"They aren't making a reasonable effort to put out a secure chat app. If they were, then they would use some of that $200k to hire a company like Matasano to fly out and audit their architecture for flaws."
I don't know whether user sillysaurus2 is connected to Matasano or not but... oh boy... this does come across as a shameless ad for that company.
I've been using TextSecure for a while (as everyone on HN ruthlessly suggests) but guess how many encrypted texts I've sent? 0. That's because they have no iOS app and very few Android users.
There are two problems when it comes to creating a good, secure messaging app: strong, proven security and popularity! Hopefully Telegram either solves both or forces TextSecure to solve the latter.