• @[email protected]
    link
    fedilink
    English
    474 months ago

    So they can make a very convincing case for a backdoor, in exchange for his release. And maybe some compensation for continued cooperation. Both come out winning and they get to claim nothing happened.

    Government cyber security dealings as usual. or not. who knows?

    • @[email protected]
      link
      fedilink
      English
      13
      edit-2
      4 months ago

      It’s one of the most popular social media apps in Russia that is not banned or blocked. I would bet they already have a backdoor for the Russian police and intelligence agency…

    • @[email protected]
      link
      fedilink
      English
      84 months ago

      That conspiracy theory is so dumb.

      The government almost certainly doesn’t need a backdoor as telegram is almost completely unencrypted (only one-to-one channels can be but aren’t by default). The real (but more boring) conspiracy theory is that governments generally don’t mind Telegram because its willfully terrible security model allows them to keep an eye on terrorists and activists’ communications (I have a hard time believing that the NSA or even DGSE don’t have their own backdoors already).

      However the EU does have laws mandating the moderation of said unencrypted messages, especially when it comes to CSAM, which Telegram is notoriously poorly moderated. It’s certainly reason enough to arrest and question this guy, at least until formal charges are brought or he walks free. Maybe there are additional political considerations, but there doesn’t have to be.

      Also how would arresting this guy help with backdooring. He doesn’t have access to the source code. Whoever he calls to get that done is out of reach of the French police. He has no reason not to disable that backdoor as soon as he gets out of the EU. If he can be bought off he already has been (Crypto AG style except way lamer because no-one clever&important trusts Telegram), you don’t need to arrest someone to pay them. I’m no DSGSE bigwig but pressuring lower level engineers to backdoor their code seems like a 1000% more effective approach.