Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Telegram fixes IP address leak in desktop client
#1
Quote:Telegram users who specifically utilize the application for its anonymity features are advised to update their desktop clients as soon as possible to patch a bug that will leak their IP address in some scenarios.

The bug was found by Dhiraj Mishra, a bug hunter from Mumbai, India, and was patched by Telegram with the releases of Telegram for Desktop v1.4.0 and v1.3.17 beta.

Mishra told ZDNet that he discovered that under certain conditions, the Telegram desktop clients for Windows, Mac, and Linux would reveal users' IP address, even when the client was configured to protect this information.

The leak, Mishra said, happened only during voice calls, and occurred even when the "Peer-to-Peer" connection type option was set to "Nobody." This is a big deal, as this option is intended to mask the IP addresses of the two users calling each other.

Under normal circumstances, Telegram's voice calling feature works by establishing a direct IP-to-IP (or peer-to-peer) connection between the two users, and exchanging data packets between the two directly.

Source: https://www.zdnet.com/article/telegram-f...op-client/
[-] The following 2 users say Thank You to silversurfer for this post:
  • harlan4096, wwd
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
The slowest Meteor Lake spotted: Intel C...
Intel Core Ultra 5...harlan4096 — 12:47
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>