Article 60J55 Did Telegram's Founder Lose a Million Dollar Bet Over a Prediction for Signal?

Did Telegram's Founder Lose a Million Dollar Bet Over a Prediction for Signal?

by
EditorDavid
from on (#60J55)
While he couldn't even ethically accept the million dollars, PC Magazine's senior security analyst Max Eddy writes that "how this happened in the first place is indicative of some of the information security industry's worst impulses. It doesn't have to be this way."Back in 2017, Telegram founder Pavel Durov and I had a disagreement... Durov tweeted about how the Signal secure messaging app had received money from the U.S. government. This is true; Signal received funds from the Open Technology Fund (OTF) - a nonprofit that previously was part of the US-backed Radio Free Asia. According to the OTF's website, it gave nearly $3 million to between 2013 and 2016. It's entirely legitimate to be suspicious of government funding (even if TOR, OpenVPN, and WireGuard also received OTF money), and even take a moral stand against recipients of money from governments you disagree with. But Durov went far beyond that. He seemed to think this meant Signal was bought off by the feds and predicted that a backdoor would be found within five years. That's quite an accusation to make, especially without real proof, and it made me mad. Not because people were mouthing off on Twitter - that seems to be that platform's primary function. It made me mad that companies ostensibly working to better people's lives by protecting their security and privacy were trying to drag each other down publicly. This is not new; the VPN industry is full of whisper campaigns and counter-accusations. I can't tell you how many conversations I've had with VPN vendors that start with "first off, everything you heard is a lie...." But generally the message from companies in this industry is one of cooperation and protecting everyone. It's a common theme to keynotes at the RSA Conference and Black Hat that the people who work in infosec have a higher calling to protect other people first and do business second. And then this happened (on Twitter): Max Eddy: It's one thing to point out funding and another to say that a "backdoor will be found within five years." Pavel Durov: I am certain of what I'm saying and am willing to bet $1M (1:1) on it. While Eddy didn't have a million dollars, "I knew there was no way I would lose. This would be the easiest million-dollar bet I ever make."I was confident Durov was wrong because Signal, like many companies, has made an effort toward transparency that I can have some confidence in. Signal has made its code available, has registered as a nonprofit, has a fairly comprehensive privacy policy, and has made abundantly clear that it has no information to provide in response to law enforcement requests. Signal's protocol is also used by competitors, such as WhatsApp and Facebook Messenger, which have surely done their homework when selecting a method for encrypting messages. Most recently, a document revealed that even the FBI has been frustrated in its attempts to get data from Signal (and Telegram, too). It's been five years, and Eddy now writes that Signal "continues to be recommended by advocacy groups of all kinds as a safe and secure way to communicate..." "Neither Durov nor Telegram responded to my attempts to contact them for this story."

twitter_icon_large.pngfacebook_icon_large.png

Read more of this story at Slashdot.

External Content
Source RSS or Atom Feed
Feed Location https://rss.slashdot.org/Slashdot/slashdotMain
Feed Title
Feed Link https://rss.slashdot.org/
Reply 0 comments