Researcher refuses Telegram’s bounty award, discloses auto-delete bug

by
Ax Sharma
from Ars Technica - All content on (#5QAKG)
telegram-800x533.png

Enlarge (credit: Joshua Sortino)

Telegram patched another image self-destruction bug in its app earlier this year. This flaw was a different issue from the one reported in 2019. But the researcher who reported the bug isn't pleased with Telegram's months-long turnaround time-and an offered $1,159 (1,000) bounty award in exchange for his silence.

Self-destructed images remained on the device

Like other messaging apps, Telegram allows senders to set communications to "self-destruct," such that messages and any media attachments are automatically deleted from the device after a set period of time. Such a feature offers extended privacy to both the senders and the recipients intending to communicate discreetly.

In February 2021, Telegram introduced a set of such auto-deletion features in its 2.6 release:

Read 12 remaining paragraphs | Comments

index?i=itQsFK-9aJU:x6ntvWNB6mg:V_sGLiPB index?i=itQsFK-9aJU:x6ntvWNB6mg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments