Internet
Telegram Desktop App Found to Be Leaking IP Addresses When Initiating Calls, Company Fixes Bug
Instant messaging app Telegram, known for its end-to-end encryption features, was found to contain a bug that would leak users’ IP addresses. A security researcher discovered that the Telegram desktop app was leaking public and private IP addresses of users during voice calls. Additionally, users did not have an option to turn off the feature that could potentially leave them vulnerable to cyber-attacks. However, Telegram has reportedly fixed the bug in its latest updates. Notably, the company’s security team has awarded the researcher EUR 2,000 (roughly Rs. 1,68,900) for reporting the bug in the app.
Security researcher Dhiraj Mishra reported the Telegram bug, which he says was causing the desktop app to be leaking both public and private IP addresses during voice calls to be made over a P2P (peer-to-peer) framework. While smartphone users have the option of turning off P2P calls by changing the settings to other options by going to Settings > Privacy and security > Calls > Peer-To-Peer, there was no such option available for Telegram users on the desktop.
Photo Credit: Dhiraj Mishra/ InputZero
The voice calling feature in Telegram works by establishing a direct P2P connection between the users, thereby exchanging data packets between the two directly. Such a connection is said to directly expose the IP addresses of the users. As mentioned, Telegram app users on mobile can choose to prevent their IP addresses from being revealed by changing the settings to Nobody. According to Mishra, this option was absent on Telegram’s desktop client. This could result in all calls initiated from the desktop version potentially leaking the users’ IP addresses.
Notably, the company has now fixed the issue in the 1.3.17 beta and 1.4 versions of Telegram by adding the Nobody option in its desktop client settings. The IP address leak has received the CVE-2018-17780 vulnerability identifier and as mentioned, the company has rewarded a bounty to Mishra for his bug report. Users can now go to Settings > Privacy and security > Calls > Peer-To-Peer and set the option to Nobody.
<!–
–>
Source link
The mobile iteration of EA Games and Respawn Entertainment’s Apex Legends has been released for iOS, iPadOS, and Android devices of all sorts.
The PlayStation 5’s DualSense controller is an excellent device, but as with any gadget, it can present issues at times. Fixing them is usually simple.
Clearing the cache on your Mac will have the same benefits as with any other device. However the steps are a little more involved.
Buffalo shooter invited others to his private Discord ‘diary’ 30 minutes before attack – TechCrunch
Discord has provided more insight into how the shooter who opened fire in a Buffalo, New York supermarket over the...
North Korea’s COVID outbreak taking “favorable turn” as cases exceed 1.7M
Enlarge / People watch a television broadcast showing a file image of North Korean leader Kim Jong Un during a...
How To Back Up Your Mac To iCloud
iCloud can come in clutch in a variety of situations. For example, you may not need to wrestle with Migration...
Apple details new iPhone features like door detection, live captions
Door detection will use the lidar scanner and machine learning to identify doors and relay information about their location, labeling,...
The Real Reason Betamax Lost The Format Wars
JVC officially announced the VHS-format VCR in 1976 and with two formats on the market, both sides dug in (via...
-
Social2 years agoCrashPlan for Small Business Review
-
Social1 month ago
Web.com website builder review
-
Gadgets4 years agoA fictional Facebook Portal videochat with Mark Zuckerberg – TechCrunch
-
Mobile4 years agoMemory raises $5M to bring AI to time tracking – TechCrunch
-
Cars3 years agoWhat’s the best cloud storage for you?
-
Social4 years agoiPhone XS priciest yet in South Korea
-
Security3 years agoGoogle latest cloud to be Australian government certified
-
Social4 years agoApple’s new iPad Pro aims to keep enterprise momentum