Telegram has become a useful source of data for criminal cases for law enforcement in authoritarian regimes. If you discuss things that may lead to reprisals, use Telegram cautiously. The recommendations are based on real-life cases of user security in Belarus and abroad, by Digital Skills Coalition Belarus.


  • What is the problem? Telegram is a safe messenger
  • Top 5 ways to find you
  • What’s new with the law enforcement agency’s operations against protesters?
  • What to do if a data leak does occur?
  • What if I’m abroad?

What is the problem? Telegram is a safe messenger

On the one hand, Telegram presents itself this way. On the other hand, ensuring the safety of user information is not its primary task.

For residents of Belarus, using Telegram is risky unless it is configured securely. Because this messenger is so popular, it is convenient for the security forces to use it to identify protesters.

They conduct a search, seize equipment and gain full access to the contents of the messenger with the help of specific means or, the old-fashioned way, through threats and torture. Special tools allow law enforcement officers to quickly download all data from the device.

Analysis of the communication, photos, and videos on the device and of the contact list in the address book makes it easy to uncover the activist’s communication circles, identify chat and channel administrators, and find people who sent information to protest or extremist channels.

The number of criminal cases due to Telegram use is significant; without it, there could be fewer.

Top 5 ways to find you:

One of Telegram’s claimed advantages is anonymity, which is a myth. Telegram users can achieve a certain level of anonymity, but it requires effort: the user needs to hide at least their name and phone number (and take care of other aspects).

Law enforcement can identify Telegram users in different ways. The first way applies if the user did not hide their username and phone number. The phone number or other personal information can easily be found in user databases traded by data brokers.

A data broker is any user on the Internet willing to share a new or not-so-up-to-date database of personal data for money. A classic example is the Eye of God service, a chatbot connected to an aggregated database of leaked passwords and other user identifiers. For a small fee, you can find out what the “Eye of God” knows: logins, passwords, profiles.

Secondly, the user can be identified through friends if a friend was searched by law enforcement. Even if you are anonymous, you can be listed in someone’s contacts by name and surname, with an address or place of work.

The third way is through uploaded/downloaded files, using DPI (Deep Packet Inspection) tools. Suppose a channel administrator uploads a file to a Telegram channel without using a VPN. At the national service provider level, it is possible to find the person who uploaded the file first.

The fourth way is using a SIM card. Most users use Belarusian phones and SIM cards for Telegram. In such cases, law enforcement agencies can duplicate the SIM card or seize (when detaining and seizing the device) the user’s SIM card and insert it into another device.

All communication is then easily accessible on the new device if the Telegram account does not have two-factor authentication.

And fifth – any user can be found by a unique Telegram ID record created during registration.

To summarize, the state understands that users use Telegram. Law enforcement services buy special tools and use them to get and quickly process data by keywords, or if we are talking about photos or videos, by dates.

What’s new with the law enforcement agency’s operations against protesters?

The procedure that law enforcement agencies follow during detention is constantly updated. Before Telegram became the popular protest messaging app, the police stopped people without searching Telegram. Now they look for subscriptions to extremist channels on Telegram.

Methods are constantly improving: now, one of the ways to identify protesters is to check blocked contacts in the Telegram settings. Chatbots usually end up there when we try to remove them.

Now they also check Telegram by typing the word “bot” in the search – then the messenger shows all the chatbots you have ever used. Accordingly, if a user has ever opened an extremist chatbot or sent information there, then this is visible.

The most reliable way to deal with this now is to log out of Telegram and use any other messenger that supports end-to-end encryption: Signal, Wire, Wickr Me.

If you have to use Telegram, it’s better to have separate accounts or devices for different needs. One is secret, and the other can be safely unlocked and given to law enforcement for viewing.

The secret Telegram should be different from the usual one:

The Telegram privacy settings for surviving:

  • If you are in Belarus, you always have to use a VPN.
  • You should delete your Telegram account annually (weekly/monthly). That will allow you to renew your unique Telegram identifier, the Telegram ID. In the Telegram version for iOS 8.8.3, it became possible to delete an account from the Telegram application: privacy / if I do not log in / delete the Telegram account now.

What to do if a data leak does occur?

It’s better to assume that law enforcement has the means to siphon data from your device or account. Law enforcement could copy all your data from the device even if they had access for only 5 minutes.

The ideal option is to enable auto-delete for messages in all chats, daily or weekly, depending on the potential danger. In this case, law enforcement officers will intercept only a week's or a day's worth of correspondence, and you will be aware of what was in it. After all, the most dangerous thing is when communication is stored for an extended period, for example, for a year.

It is important to note: if they come to you, confiscate the phone and extract your correspondence, this is not the worst thing. What is terrible is that your communication network can be compromised and prosecuted.

To protect yourself, it is better to use two Telegram accounts, a secret one and a public one, or not to use Telegram for communication that needs to stay secret. The police do not have procedures for checking other messengers, and there are a lot of them.

The repressions have been going on for two years, but in practice, people are not ready for the primary threat: a police search. Police can come to anyone: high-level officials, activists, or businessmen. To ensure safety, you can search, check, and clean your digital devices.

What if I’m abroad?

If you are abroad, then you are not threatened with a search. But otherwise, the security requirements are still relevant: people outside Belarus still have friends and colleagues inside, especially those involved in the diaspora or social and political activities abroad.

Your device can be stolen (in this case, encryption will secure your data from unauthorized access, and you should be able to erase your data remotely). Spies can get into an initiative or organization and gain unauthorized access to devices; for such cases, you need to set device password protection and should develop and implement organizational access policies.

If you are afraid that an adversary can install spyware on your devices, there is no simple advice. In this case, it is necessary to invest more resources in security, depending on the nature of the activity.

