Skip to main content
banner image
venafi logo

The War on Encryption’s First Casualty? Russia Assaults Telegram Messaging App.

The War on Encryption’s First Casualty? Russia Assaults Telegram Messaging App.

Russia block Telegram messaging app
April 18, 2018 | Scott Carter

Ever since FBI vs Apple two years ago, the debate over government access to encryption backdoors has been heating up. Government officials are ramping up the rhetoric, going so far as to declare that mobile encryption was an “urgent public issue.” The debate reached a comedic peak when British MPs who were pushing for government backdoors were seen to leave their own front doors open. It’s events like this that make us wonder how much we should trust government officials, who know very little about encryption, to mandate its use. Or, in the case of Russia, to take control and enforcement into their own hands. More on that later.

Not surprisingly, most security professionals think government backdoors are a “bad idea. "If governments can access an encrypted technology, then cyber criminals may not be that far away from doing the same. The cyber security press tend to agree, expressing a marked wariness of government backdoors. But it’s perhaps the audience that matters most to government officials that they should be most concerned about. Most of the consumers (i.e. voters) that Venafi surveyed were skeptical of government backdoors.

The escalation of government intrigue about encryption has sharpened the debate. In fact, some have even called it a war on encryption. At face value, the intent of governments’ may appear noble. Their nominal goal is to improve security for citizens. But in this fight between privacy and security, it’s all too easy to envision a result where citizens lose and governments sacrifice privacy for intelligence. In fact, intelligence may be too soft a word for the type of espionage that may be implied by the recent Russian government’s attempt to blog the messaging app Telegram.

On Friday, Russia’s communication agency, Roskomnadzor, asked courts to block access to Telegram. With more than 13 million users, Telegram is one of Russia’s most popular messaging apps. Russian officials escalated their response when creators of Telegram refused to provide encryption keys, or an equivalent backdoor that would allow the Russian state to monitor texts or calls using Telegram.

Roskomnadzor launched efforts to block Telegram on Monday, April 16. Cointelegraph, reports that the authority started blocking nearly 20 million Google and Amazon IP addresses. But as of April 17, “Russia’s Telegram users say that the app still works without applying any additional means of circumventing the block, such as proxy and VPN services.”

According to The Guardian, “Telegram is widely used by the Russian political establishment, and prominent politicians and officials have openly flouted or criticised the ban. Data from the app showed several Kremlin officials had continued to sign in on Tuesday evening, four days after a court ordered the service to be blocked over alleged terrorism concerns.”

My colleague at Venafi, Broderick Perelli-Harris, wrote an excellent opinion on the Russian attack on Telegram. I encourage you to read the full article in The Hill where Broderick hints at the altogether non-altruistic intent of such a move.

“End-to-end encryption on smartphones, tablets and laptops, where only the users have the encryption keys, effectively blocks state spying. In the post-modern world, whoever controls the keys and the certificates that secure communications holds all the cards. And Telegram’s real sin is that it gives that power to individual Russian citizens, not the Russian state.”

Broderick also warns that if a government gains access to encryption backdoors, then there is an increased risk of organized criminal groups, or even contacts within the state, also gaining access to private conversations.

Are you concerned about the implications of government backdoors? Read Broderick’s opinion in The Hill.

Related blogs

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

Déjà Vu at LinkedIn: Second TLS Certificate Expiry in 2 Years

Déjà Vu at LinkedIn: Second TLS Certificate Expiry in 2 Years

Prepare this presentation and send it to me, once approved you can teach entire team.

Overheard at Machine Identity Protection Global Summit 2019

machine identity protection

Leaders Underscore the Critical Nature of Machine Identity Protection at Inaugural Global Summit

About the author

Scott Carter
Scott Carter

Scott Carter writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat