ICO is canceled? In Telegram service, Passport found a critical vulnerability

Date:

2018-08-02 23:15:05

Views:

550

Rating:

1Like 0Dislike

Share:

ICO is canceled? In Telegram service, Passport found a critical vulnerability

Last week, the Telegram messenger has presented the Passport service to store users ' personal data. One of them including includes the passports and other documents, which may require banks and other institutions. The company promised that the information will be securely encrypted.

After a few days, the researchers from the Security company Virgil found out that the service is vulnerable to so called brute force attacks (brute force). About it writes .

How safe Passport from Telegram

On this Virgil Security, the vulnerability lies in the technology of storing passwords. Telegram uses a hashing algorithm to SHA-512, which is not designed to hash passwords. This error makes passwords are insufficiently protected, even if they are "salted" — that is, have a secret numeric sequence at the end of a set of numbers and letters.

The security of the data you upload to the cloud, Telegram, greatly depends on the degree of security of your password because of brute force attack is very simple to implement this hashing algorithm. And the lack of a digital signature allows you to change your data without your participation.

This means that the new service from Pavel Durov is not secure enough — users need to think before upload their own personal data. At least, until such time as the Telegram does not provide official comments or does not correct the problem.

Managed to subscribe to the service? Share your experiences and thoughts .

Recommended

Rally Bitcoin — deception. Well-known economist advises to invest in gold

Rally Bitcoin — deception. Well-known economist advises to invest in gold

Director of Euro Pacific Asset Peter Schiff does not see anything supernatural in growth . Recall that the main cryptocurrency has already risen by 179 percent since the beginning of 2019 and is now trading at the level of $ 8540. According to Schiff...

May 2Miners: run pools Aeternity, the debut 2CryptoCalc and software upgrades

May 2Miners: run pools Aeternity, the debut 2CryptoCalc and software upgrades

the Last month of spring proved to work. The team started working on launching (AE), the addition of which the majority voted representatives of the community. Calculator profitability of mining Alexei Rubin moved to the domain and now will develop e...

CRYPTOMACH / Maximum exchange rate of Bitcoin in the future, the output of the crypts on the map, Ycash and the Board of Finance

CRYPTOMACH / Maximum exchange rate of Bitcoin in the future, the output of the crypts on the map, Ycash and the Board of Finance

the long-awaited summer. Niche cryptocurrency supported the event and gave unusually hot week. During the last seven days, we learned about the new line of graphics cards from AMD, the mining in TON and hard forks . In addition dealt with the profita...

Comments (0)

This article has no comment, be the first!

Add comment

Related News

Hacker 1337. How to hack Etherscan not to cause any harm

Hacker 1337. How to hack Etherscan not to cause any harm

Monday on the website Etherscan.io appeared a pop-up message with the numbers 1337. The visitors began to panic and spread rumors about hacking Explorer. really hacked, but the damage from a hacker attack was zero. About it writes...

Proud: the number of mining companies in Russia grew 15 percent year over year

Proud: the number of mining companies in Russia grew 15 percent year over year

In January, private investors for the first time in Russia, two plants for mining. It was about Kizelovskaya GRES in the Perm region of the 23.6 MW CHP and Sarapul in Udmurtia 10 MW. because Of relatively inexpensive electricity, ...

How to protect your wallets from hacking: six non-obvious ways

How to protect your wallets from hacking: six non-obvious ways

a study by the American company Foley & Lardner showed that 71 percent of large traders and captainvalor considers hacking attacks and fraud are the most serious factor that has a negative impact on the market. Respondents no...