Unlikely the case, Telegram is the app that Russian government is most focused on blocking right now, it's almost impossible to use without proxy or VPN.
Not saying Durov is perfect but video you linked is about guy who has all his assets in Russia while Durov has none.
The man looks on photos like he genuinely loves his long-term girlfriend and the three kids he has with her. Kids are stupid tho. They climb on everything and fall out of windows frequently.
Durov is about as anti-Putin and russia in general as one can get. He go fucked hard in russia and has been going extremely hard against the censorship in russia. TG is one of the few chat apps that can avoid russia's suppression measures, when everything else working over internet fails.
Durov has been going hard against censorship because the pressure on Russians to switch to MAX might consign his own app to oblivion. But to call Durov “anti-Russia” when Telegram development and servers remained in Russia, is to ascribe to him a dissident status that he doesn’t actually deserve.
(Durov himself is known to regularly visit Russia, while denying he ever visits Russia. Telegram opened a Dubai office claiming that it was now a Dubai-headquartered company, but that was a mere legal formality; no one was actually there at that office, and journalists visiting it found that not even the building staff knew anything about Telegram. In practice, the company continues to exist out of Russia.)
He's been against it way before MAX was a thing. He visited russia, yes, like a lot of expats with families that are stuck back there. His last visit was in 2021, again, way before MAX was a thing.
If you ever actually lived under the regime where censorship was real - you'd be on Telegram too. When internet goes down and nothing works - Telegram keeps working.
Do you have a source for any of this? Wikipedia and news that I can find support that he fled Russia after government conflicts. It’s also well known that he keeps his and the dev team’s location secret, so anybody going knocking on incorporation addresses in Dubai then feigning surprise is acting in bad faith.
This was all over the news a couple of years ago when Russian entry/exit records were leaked. Doing a Google search for “durov visited russia frequently” will get you plenty of reportage.
"so anybody going knocking on incorporation addresses in Dubai" The point is that Telegram has repeatedly countered claims that it is a Russian app with "Actually, Telegram is a Dubai company”. People reasonably interpret that as more than a mere incorporation address, and it isn’t being emphasized enough that development is still largely done from Russia, and servers are also located there.
Half of Russian military uses it in the field. I do not care what story that guy is spreading around about his affiliations or lack of with Russia. Zero trust. Never touching Telegram.
Being attacked? That doesn't mean anything. Either you know the security domains in and out or you can't make an educated guess how secure it really is.
I was always convinced that Skype was bought by microsoft so CIA/US intelligence agencies to have listening capabilities.
The first thing Microsoft did after the Skype purchase was making it easier to tap into the calls by removing p2p calling and routing calls using centralized servers.
Too bad the author did not provide hardware specs. Such attack is even harder on DDR4 and DDR5 memory and most publications refer to legacy ram such as DDR3
> In my experience I have had the most success restarting the system while Windows is loading but before the login screen has appeared, at least in the case of finding FVEK keys.
So what is this? It was supposed to be memory attack and he's dumping the keys after someone unlocked it and it's booting?
So this is just another theoretical attack where perfect conditions must be met.
This attack has nothing to do with the memory type; memory is never made cold or allowed to decay. The system is hot-restarted into UEFI. Ideally no memory refreshes are skipped.
I do wish they provided the hardware specs too, though, as this reflects an incorrect UEFI platform implementation of MOR.
You are right, but i still have no idea what is the point of this article.
The guy unlocked the bitlocker, then restarted PC just before login screen appeared. He said that's when he had most success. What sense does it make to restart and start looking for key in memory, when bitlocker has been just unlocked.
I steal your Windows laptop. I want your data. I don't have your credentials, so can't login to Windows. I let your laptop boot to the point where Bitlocker is automatically unlocked, perform a hard reboot, dump the RAM, extract the keys, and can now decrypt your drive and extract your data.
> What sense does it make to restart when bitlocker has been just unlocked.
You steal a laptop. You turn on the laptop. You reboot it into UEFI and steal the keys. This is bad for BitLocker. Ideally this is not possible because the MOR bit should cause the keys to be erased by the platform initialization before boot-from-USB is possible.
Bitlocker is unlocked before you reach the login screen.
If I understand correctly, you need to start the PC, reboot just before the login screen appears, and boot to an USB application, which will copy the memory content.
You seem to think it's common to require a separate BitLocker unlock step. In reality, this is extremely rare: the vast majority of users have no idea about any of this and have BitLocker set to automatically unlock during system power on.
So this is a viable attack on many, many real-world systems. Adding a BitLocker password/PIN is a mitigation that prevents this attack.
Note that BitLocker is still very useful even in this mode: it guarantees that someone who steals your laptop can't just connect the disk to another system and read everything on it, unless they can actually extract the keys from RAM, or bypass Windows authentication - this attack allows them to do the former relatively easily.
Telegram outright refuses to comply with any records requests not related to child abuse or terrorism, and even those they often delay and only release phone numbers and IP addresses. They have the data and basically use grand scale legal gamesmanship to avoid data requests. See https://www.spiegel.de/netzwelt/apps/telegram-gibt-nutzerdat... or even their own official policy https://telegram.org/privacy?setln=it#8-3-law-enforcement-au.... If you actually have the data to turn over you can't do this legally.
> Direct involvement with scams? You got to be kidding me. This guy is worth 15 billion USD, he does need to do anything.
I have no knowledge about this and make no assumptions about whether or not he is involved in any kind of financial misconduct - but there are many cases of very rich people doing risky and illegal things to further grow their wealth, despite already having more than enough money.
Exploration geophysics (large area mapping in search of resources) loses money hand over fist .. it's like sinking money into lottery tickets .. and yet billionaires routinely dabble in it and a few own companies that take on contract work, lose money and act as tax write offs for other parts of their business.
It's about the contacts and the advance inside knowledge.
Circling back to an alledged "pedo web ring" ala, say, Epstein .. the big pay off wouldn't be connected to "services" and charging access to view materials, the real money (if any was being made) would be in "blackmail" and "quid pro quo" investment infomation etc.
Once a few whales are landed, say past and future POTUS candidates, C-Suites of mega tech companies, bankers, etc. what limit is there on making money from tips in exchange for keeping a few secrets?
I have zero knowledge re: the Telegram founder and any of this, but history is littered with rumours of elite clubs, cosy finnancial arrangements and getting away with the breaking of convential rules. (eg: one example: https://en.wikipedia.org/wiki/Westminster_paedophile_dossier)
This is a good point. It doesn't have to be Mullvad but it's almost guaranteed based on what we've seen in the history (see CIA + swiss crypto company) that some of the major VPN providers are managed by intelligence agencies. Either VPN companies were bought via shell companies after reaching certain market share or they were even developed
from the scratch.
This is step closer, after few more steps they'll make sure only those "approved" companies can operate email server... leading to more internet centralization.
Today, i read somewhere while watching protonmail case comments, that switzerland has quite extensive surivellance laws which include possiblity of logging whole country inbound and outbound traffic for period of 6 months.
I'm more concerned that Signal incorporated in US is having easy life.