Internet
Telegram Desktop App Found to Be Leaking IP Addresses When Initiating Calls, Company Fixes Bug
Instant messaging app Telegram, known for its end-to-end encryption features, was found to contain a bug that would leak users’ IP addresses. A security researcher discovered that the Telegram desktop app was leaking public and private IP addresses of users during voice calls. Additionally, users did not have an option to turn off the feature that could potentially leave them vulnerable to cyber-attacks. However, Telegram has reportedly fixed the bug in its latest updates. Notably, the company’s security team has awarded the researcher EUR 2,000 (roughly Rs. 1,68,900) for reporting the bug in the app.
Security researcher Dhiraj Mishra reported the Telegram bug, which he says was causing the desktop app to be leaking both public and private IP addresses during voice calls to be made over a P2P (peer-to-peer) framework. While smartphone users have the option of turning off P2P calls by changing the settings to other options by going to Settings > Privacy and security > Calls > Peer-To-Peer, there was no such option available for Telegram users on the desktop.
Photo Credit: Dhiraj Mishra/ InputZero
The voice calling feature in Telegram works by establishing a direct P2P connection between the users, thereby exchanging data packets between the two directly. Such a connection is said to directly expose the IP addresses of the users. As mentioned, Telegram app users on mobile can choose to prevent their IP addresses from being revealed by changing the settings to Nobody. According to Mishra, this option was absent on Telegram’s desktop client. This could result in all calls initiated from the desktop version potentially leaking the users’ IP addresses.
Notably, the company has now fixed the issue in the 1.3.17 beta and 1.4 versions of Telegram by adding the Nobody option in its desktop client settings. The IP address leak has received the CVE-2018-17780 vulnerability identifier and as mentioned, the company has rewarded a bounty to Mishra for his bug report. Users can now go to Settings > Privacy and security > Calls > Peer-To-Peer and set the option to Nobody.
<!–
–>
Source link
Windows 11 may not be quite ready for primetime, but Microsoft isn’t letting that stop it from launching its latest features for the hybrid workplace, including updates to Teams and new Fluid support across more apps. For meetings mixing together in-person and remote participants – which look likely to persist well beyond 2021 – Microsoft has new video calling features … Continue reading
We’ve all looked at a photograph at some point of something like the ocean, clouds, or waterfall, and for the briefest time, it almost seems like the picture is moving. Typically, that perceived motion is just a trick of our minds. Researchers at the University of Washington have developed a new deep learning method that can animate certain portions of … Continue reading
Deepfakes have been around for a while now, but recently they’ve become so realistic that it’s hard to tell a deepfake from a legitimate video. For those who might be unfamiliar, a deepfake takes the face and voice of a famous person and creates a video of that person saying or doing things they’ve never actually done. Deepfakes are most … Continue reading
Lordstown Motors woes worsen with binding order update
Lordstown Motors has dropped itself in a new set of electric truck troubles, admitting that despite what previous announcements may...
Bethesda VP offers apology for Starfield’s absence on PS5
Bethesda Senior Vice President of Marketing and Communications Pete Hines talks to GameSpot about Starfield. This week, Microsoft and Bethesda...
Apple Back to School 2021 promo adds free AirPods to select iPad and Mac
Apple has launched its new Back to School deals, and if you’ve been considering a new iPad or Mac for...
Instagram’s TikTok rival, Reels, rolls out ads worldwide – TechCrunch
Instagram Reels are getting ads. The company announced today it’s launching ads in its short-form video platform and TikTok rival,...
Microsoft Teams gets new video features, Fluid docs & digital downtime
Windows 11 may not be quite ready for primetime, but Microsoft isn’t letting that stop it from launching its latest...
-
Social1 year agoCrashPlan for Small Business Review
-
Gadgets3 years agoA fictional Facebook Portal videochat with Mark Zuckerberg – TechCrunch
-
Mobile3 years agoMemory raises $5M to bring AI to time tracking – TechCrunch
-
Social3 years agoiPhone XS priciest yet in South Korea
-
Cars3 years agoWhat’s the best cloud storage for you?
-
Security3 years agoGoogle latest cloud to be Australian government certified
-
Cars3 years agoSK Telecom and Samsung to collaborate on 5G for enterprise
-
Social3 years agoApple’s new iPad Pro aims to keep enterprise momentum