Over the weekend, a video of a recent interview with Telegram founder Pavel Durov went viral on X (formerly Twitter). In the video, Durov tells Tucker Carlson, right, that he is the company's sole product manager and only employs "about 30 engineers."
Security experts say that while Durov boasted that his Dubai-based company was "super efficient," what he said was actually a red flag for users. "What if there was no end-to-end encryption, a large number of vulnerable targets, and servers located in the United Arab Emirates? It looks like it would be a security nightmare. Green refers to that by default, the chat on the telegram is not ending to the end encryption like a signal or WhatsApp. Telegraph users must start a "secret chat" to start to end -to -end encryption, which makes no one outside the telegram or any other recipient cannot read. Over the years, many people have doubts about Telegram's encryption quality, given that the company uses its patented encryption algorithm created by Durov's brother, as he said in the enlarged version of Karlson's interview.
Eva Galperina, Cyber Security Director of the Electronic Frontier Foundation and a long -term risk security expert, said it was important to remember that the telegram, not the signal, is much more than just a messaging app. "What's different about Telegram (and what's worse!) is that Telegram is not just a messaging app, it's a social media platform. As a social media platform, it has a huge amount of user data. In fact, this applies to the content of all communication, which is not one -on -one, particularly encrypted, ”Galperin told TechCrunch. "" Thirty engineers "mean that there is no one to fight legal requests, there is no infrastructure to address issues of abuse and moderation of content.""And I would even argue that the quality of these 30 engineers is not so great," Gallin continued. "If I were a threat actor, I would certainly take this encouraging news into account. Every attacker loves a severely underpowered and overmatched opponent."
Telegram did not respond to a request for a comment that included questions about whether the company has a security officer head and how many of its engineers work full time to secure the platform.Last week, the well-known cybersecurity expert SwiftonSecurity on X wrote that "the cost of running a company that has all the right cyber security tools and the staff is absolutely obscene."
“It's hard to describe the numbers I've seen. It is even said that this is a gray area. But this is an incredible employee and spending. "SwiftonSecurity wrote. In general, even the largest companies on the planet may not spend enough money, time and energy to protect themselves. Telegram has nearly 1 billion users, Durov said. It is one of the most popular platforms for people who work in cryptocurrencies (moving millions of dollars), extremists, hackers and disinformation sellers.This makes it an extremely interesting target for criminals and government hackers. And at best, there are only a few people who deal with cyber security.
Security experts have warned for years that people shouldn't consider Telegram a truly secure messaging app. Given what Durov said recently, it may be even worse than experts thought.