Key points:

Russian-born IT entrepreneur Pavel Durov said that he was “pressured” by the FBI during his stays in America

The US government had wanted a backdoor to Telegram in order to potentially spy on its users, the social media platform’s founder Pavel Durov said in an interview with American journalist Tucker Carlson. The attention from the FBI was one of the reasons Durov dropped the idea of setting up the company in San Francisco, he said.

In an interview published on Wednesday, Durov said that he visited the US several times and even met with former Twitter CEO Jack Dorsey. He was under the watchful eye of the FBI, which made his stays in America uneasy, he said.

According to Durov, one of his top employees once told him that he had been approached by the US government. “There was a secret attempt to hire my engineer behind my back by cybersecurity officers,” the businessman said.

“They were trying to persuade him to use certain open-source tools that he would then integrate into Telegram’s code that, in my understanding, would serve as backdoors,” Durov said. He added that he believes the employee’s account. “There is no reason for my engineer to make up (such) stories.”

Extremely alarming that there is a claim here certain open-source tools act as back-doors for the western intelligence agencies but it makes perfect sense. Engineered bugs in upstream libraries and tools used by tons of commercial and open source software would always get you your best bang for the buck compromising lots of things. Unlike for example the recent xz debacle I expect these are likely much more well hidden and engineered to hide their nature as nothing but mistakes. There are multiple ways to accomplish this from having NSA/GCHQ employees working directly on these projects as core contributors to paying off or blackmailing core contributors.

I expect this particular revelation to likely be ignored by many of the usual privacy people and spaces just because Tucker Carlson (who has grown funnily more hated for interviewing Putin than anything else he’s done among liberals) was the interviewer and of course because Durov is a Russian.

(Archive link)

  • darkcalling@lemmygrad.mlOP
    link
    fedilink
    arrow-up
    5
    ·
    8 months ago

    I’ve seen this called a limited hang-out but I really don’t see the point of it.

    Unless the US has somehow developed some super secret beyond next generation sci-fi level hacking capabilities that no one else could possibly see coming and is trying to distract with these old school methods to redirect I just don’t see the point of doing this and alarming everyone, putting them on guard and creating pushes at the national level in key enemies like Russia and China to try and protect themselves with domestic production and at the level of the EU to attempt to see American tech as threatening.

    I think the safer explanation is the US is somewhat sloppy, their capitalist nature led them to outsource some of this stuff and eventually someone like Snowden who had these beliefs came into contact with it after not being screened well enough or developing them and did what he did. It’s like saying the scientists who leaked atomic secrets to the Soviets were acting at US government behest as a limited-hang-out.

    I just don’t see the point as I don’t think there was any vast exposure of this kind of thing coming from meaningful quarters. Like if the Chinese had come out with a big explosive accusation, even with evidence it would have been ignored by the western media, brushed off as propaganda and an intelligence ploy and I’m not aware of any thing in the works that would have been a bigger and more explosive exposure.

    What would be the point? More things are encrypted, more private companies and individuals take pains to use encryption less likely to be backdoored. What to push people onto Signal which is backdoored or something? When before this most people would have just used unencrypted messengers that could be subpoenaed in open court without the issues of parallel construction?

    I don’t really buy it and I haven’t seen a good argument for it.

    • tarbeez@lemmygrad.ml
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      8 months ago

      I think this is sound reasoning and mostly I tend to agree. At the same time, there is this strange inverted sense of sincerity or honesty about Western Imperialism, where it seems to need to make real its caricatures of the “Enemy” in order to substantiate its worldview and justify its actions. This often makes it hard for me to know what the play (or even the Game) is. The US Empire wants world hegemony, sure, but it also can’t get too far ahead while keeping the “Enemy” image realistic. It is worth considering how much of this plays out consciously, and to which extent, and in which (controlling or not) elements of society.

      Maybe “limited hangout” is the wrong term and overly implies direct strategic action, but there is this need, for the system to work, for things to be in constant conflict, this “Enemy” following you beat for beat, always threatening to surpass you.

      In some way, alarming everyone to the realities of mass wholesale spying, when combined with the ability to gaslight, deflect, distort, and invert and invent blame, ends up legitimizing it as a form of necessary or reasonable action. Again, not necessarily a classical “limited hangout” but it has similar normalizing effects.

      An interesting thing about Snowden is that he seems to be or have been a pretty run of the mill “US master of the world” type moron, scared of the latest muslim/chinese/russian ideological threat, willing to do anything to stop this (to his mind) legitimate threat, and then had his wordlview challenged by seeing how seeing how the sausage is made. I think he still believes in that greatness and superiority, just doesn’t think it’s enacted correctly. The base is still rotten.

      Some peripheral arguments I’ve seen made wrt limited hangout are along the lines of:

      • The encrypted services people flock to (like Tor and Signal) are developed by US int and may be backdoored

      • Migration to these services are signs of critical thinking/politicial dissidents/criminal activity, and makes it easy to filter and target those elements of society, even if all you get from those services is metadata (contact webs/networks, times, etc)

      • Having people go to these platforms and use encrypted software gives a sense of false security as the communications data is still being sent through controlled/owned/surveilled entitities, continues to create value for the Empire (data collection and just regular business), and stops true political action – controlled op basically

      • The encrypted services allows CIA etc to operate covertly more easily, same with crypto to finance operations etc

      Things of this nature. It gets a bit inviolved and conspiratorial, but worth considering, if not necessarily as actual strategically implement action, but in the sense that the society shaping effects are still there, and we are clearly far away from freely associating, speaking candidly, organizing politically etc.

      Even if directly fighting surveillance through using encrypted, decentralized platforms and so on (all of which I support), is positive change, it still has the potential to neutralize and redirect potential political action due to a sense of achievement and intellectual satiafaction when it can be argued that the fact that a tiny fraction of a percentage of peoplr bother with it just underscores the futility of it.

      • darkcalling@lemmygrad.mlOP
        link
        fedilink
        arrow-up
        1
        ·
        7 months ago

        Too many if’s to my mind for my thinking personally. They can’t control everything. If I was a ghoul and was presented with this speculative limited hang-out plan I’d immediately object that they can’t assure that some other country or genuine privacy actors wouldn’t develop and deploy some run-away popular app or platform that’s not backdoored and cause headaches.

        As to false sense of security, hardly needed. Look how many people think discord is private and secure and use it to openly do crime, to openly do other ridiculous stuff and get caught with their pants down despite discord never making any claims anywhere that it was e2e. Lots of criminals still don’t use these services, it’s hardly pushed them onto them entirely. After that encrochat affair that turned out to be a police op many of them are very suspicious of these things as well.

        If anything I think doing this would flood their fish in a barrel strategy with unwanted fish. Before this came out who used strong encryption privacy services? Pedophiles, terrorists, some small amount of political dissidents, criminals, a handful of extreme privacy practitioners and info-sec experts and followers. Who uses these services now? The above plus little Johnny who heard something about spying and is afraid of someone telling his mom he’s looking at pictures of naked women online. The above plus some corpo guy doing minor uninteresting white collar crime who thinks the extra precautions are worth it. And on and on. In other words I think if the goal was a watering hole attack type thing to get interesting types all they’ve done is pollute it with more noise.

        I just don’t see them going out of their way to sabotage the police in the way they have because even if all the major privacy services are backdoored or ops, the police still can’t get them with warrants whereas before they could. Before the police could get certain zucker-book chat data, not so much anymore now that they turned on chat encryption for some of their services. The only way I could see this making sense is if they want to use it as a part of a push to regulate and outlaw encryption entirely, to push up criminal use of these services even incidentally and get a push to bring them all under control but that’s also an if and as we see as of yet 10 years later that hasn’t materialized.

        The chilling effects argument is the only other one besides the encryption accelerationist one I think that has real merit, if they thought silencing and intimidating the populace was important given rising tensions I wouldn’t be shocked. Though the problem I have with that is why expose everything? Why expose the hardware implants via mail intercept in Cisco devices shipped to China when blowing that has nothing to do with letting Americans know of US metadata collection programs like Prism which are spying on them? That’s blowing a major foreign intelligence op and not just that making it so other countries you could have spied on won’t trust to buy these things from you given your past behavior constraining your future actions as well.