[영어읽기] 텔레그램 안전한가?

오늘은 아래 기사의 내용 중 일부를 발췌해서 읽어볼까 합니다. 


Why Telegram isn’t as secure as you think

Telegram is marketed as a secure messaging app and used by Hong Kong protesters, but experts say it has flaws


제목부터 매우 도발적입니다. 

Why Telegram isn’t as secure as you think

왜 텔레그램은 당신이 생각하는 것 만큼 안전하지 않은가? 
일단 안전하지 않다를 전제로 기사가 쓰여진 것 같습니다. 계속 읽어보기 전에


잠깐만, 그런데 텔레그램이 정확히 뭐지?

Telegram is a free messaging app. Just like other similar services, you can send texts, videos and other files.

The platform was founded in 2013 by Pavel Durov, a Russian entrepreneur currently in exile(망명) after a spat(싸움) with the administration of President Vladimir Putin. The company is registered both in the US and the UK, and it runs mostly on funds from Durov himself.

Telegram boasted 200 million monthly active users in March 2018, roughly 13% of WhatsApp’s user base at the time. In March this year, Telegram reported a sudden surge of 3 million new users within 24 hours when Facebook Messenger, Instagram and WhatsApp all suffered temporary outages(중단)


For one, Telegram lets you communicate with a massive number of people all at once.

Group chats on Telegram can accommodate(제공하다) up to 200,000 members, far more than on WhatsApp or iMessage. Another feature, Channel, allows messages to be broadcast to an unlimited number of subscribers. Anyone can join a public channel, while private channels require an invitation.
그룹채팅을 20만명까지 제공하고 채널방 같은 경우는 제한없는 숫자가 구독할 수 있고, 초청을 통한 프라이빗한 채널도 만들 수 있다는 점을 이야기하고 있네요. 


드디어 본론이 나옵니다. 보안성은 어떤가? 해킹이 불가능 한가?

Telegram has marketed itself as a secure messaging app. There are indeed ways to keep chats private on Telegram, but only if you know how.

Unlike WhatsApp and iMessage, Telegram conversations aren’t encrypted end-to-end by default. Instead, users have to select the Secret Chat feature to ensure only they and the intended recipient can read the message.

But even with this feature, some experts argue that Telegram’s encryption is fundamentally flawed. The service uses its own proprietary protocol called MTProto, which lacks scrutiny(검증 부족) from outside cryptographers.

Telegram’s mobile app has also been accused of exposing a crucial digital footprint called metadata. Researchers at MIT found that a hacker could pinpoint down to the second when a user goes online or offline.

A Telegram representative told us that MTProto's specifications are fully documented and that the app’s source code is open for evaluation. She also pointed out that a Telegram user can adjust their “last seen” settings to control who can see when they go online or offline. 

Still, just like with all messaging apps, there’s no foolproof way(완벽한 방식이 없다) of stopping any chat participant from taking screenshots of your conversation and sharing it with others.
상대방이 스크린 샷을 찍는 것을 막을 수 있는 완벽한 방법이 없다라는 말입니다. 

Q: Can I be certain that my conversation partner doesn't take a screenshot?

Unfortunately, there is no bulletproof way of detecting screenshots on certain systems (most notably, some Android and Windows Phone devices). We will make every effort to alert you about screenshots taken in your Secret Chats, but it may still be possible to bypass such notifications and take screenshots silently. We advise to share sensitive information only with people you trust. After all, nobody can stop a person from taking a picture of their screen with a different device or an old school camera.

The problem is that some users don’t seem to be aware of the risks of using Telegram. 

그렇다면 다른 대안이 있는 것일까요? 


WhatsApp, iMessage and Signal all use end-to-end encryption. Their protocols have been checked and praised by many professional cryptographers. Users can safely assume that their messages are private, unless their phones or computers have been compromised(감염되다 악용되다).

Still, while attackers are unable to access the content of your chats, each message actually leaves behind certain metadata. It’s possible for attackers to see whom a user has been contacting, at what time and for how long.

Signal has been exploring ways to minimize metadata exposure to keep a sender’s identity protected even if the communication is intercepted.

WhatsApp says metadata is encrypted to remain hidden from “unauthorized network observers,” but it has reportedly cooperated with law enforcement by handing over metadata. Telegram says in its Terms of Service that it may collect metadata such as IP addresses and devices, and any collected data is kept for 12 months at most.

It’s also important to note that while your chats are end-to-end encrypted, the backups may not be. Apple’s iCloud, for instance, only promises end-to-end encryption for “certain sensitive information” such as health and payment info. However, Apple has stressed that only the company itself holds the encryption key to all the other iCloud data.


자 여기까지가 기사의 주요 내용이었습니다. 
기사 내용을 바탕으로 요약해보면

1. 텔레그램은 종단간 암호(end-to-end)가 보장되지 않는다.
   별도의 비밀채팅방을 개설해야 종단간 암호가 보장된다. 

2. 텔레그램은 자체 암호프로토콜을 사용하여 전문 검증이 이루어지지 않았다.    
   검증된 암호화프로토콜은 공개되어 안정성을 수학적으로 검증한다. 

3. 화면 캡쳐를 통한 상대방과의 대화내용 저장을 막을 수 없다.    
   이는 다른 메신져도 마찬가지이다. 

4. 텔레그램은 메타데이터 암호화가 이루어지지 않는다. 

5. 대안으로는 아이메시지, 왓츠앱, 시그널 등이 있으나 각각이 완전하다고 볼 수는 없다.    
   아이메시지의 경우 종단간 암호화가 되지만 백업(애플클라우드)은 그렇지 않을 수 있다. (일부정보만 암호화)

윗 기사와 별개로 왓츠앱과 관련해서는 빈 살만 사우디아라비아 왕세자가 제프 베조스(아마존 CEO) 폰을 해킹했을 때 왓츠앱을 이용했다는 사실이 기사화 된 바 있습니다. 이와 관련해서는 다음 읽을 거리로 준비할 예정입니다. 

우리의 견문을 넓혀주는 좋은 기사였습니다. 
영어는 평생을 같이 할 수 있는 고급취미입니다. 


Designed by JB FACTORY