The Decentralists

Decentralists in Ukraine - Telegram from the Kremlin

March 13, 2023 Mike Cholod, Henry Karpus & Geoff Glave Season 5 Episode 4
The Decentralists
Decentralists in Ukraine - Telegram from the Kremlin
Show Notes Transcript

WIRED recently published an explosive article The Kremlin has Entered your Telegram Chat, regarding the experience of Russian rights activist Marina Matsapulina. 

Matsapulina, like most Russians and indeed most Ukrainians, was using the globally-popular Russian-developed Telegram. Equivalent to the American WhatsApp, communicating through Telegram is touted as totally private and secure. So how did the Russian secret service know her every move?

Is Telegram, the supposedly anti-authoritarian app co-founded by the mercurial Saint Petersburg native Pavel Durov, now doing the Kremlin’s bidding? Or it is compromised because its servers are located in Dubai, a known friendly nation to Russian oligarchs and expats. 

Nearly everyone in Ukraine uses Telegram - an app created by a Russian in Russia. Should Ukrainians switch to WhatsApp? Listen to this episode of the Decentralists to learn more.

00:01.60

Hey, everyone it's Henry Mike and Jeff of the decentralists. We're still in Kyiv with Mike of course. This week we would like to talk about a very very popular communication and social media app known as telegram. We're calling this episode telegram. From the kremlin yeah well ah, it's based on a a very very interesting article that was released just about I don't know a few weeks ago. Um, and it's all about the fact that people need to be very careful because let's face it.

00:39.12
Mike
That's a great one.

00:53.84
Henry
Telegram was founded by a Russian anyway. Mike I I want to get you started on this because I know you have a lot to say um, ah, but but can you give us ah a bit of a background for those that don't know. Ah what telegram is and how it differs and how the fact many people have moved to it.

01:05.81
Mike
Um, ah ah.

01:13.58
Mike
Well okay, so and I'm going to lean on Jeff to jump in here and correct me and or help me out on this. Okay, thanks on. So so basically telegram um, so so will telegram is in effect. Ah Twitter.

01:17.80
Henry
Oh yeah, he knows a lot of that about that.

01:30.73
Mike
For eastern Europe right? It's it's like a kind of because Russia's kind of been you know you had you had China that was behind their own great firewall right? Where in China there's all of these different apps like Baidu and. And Ali pay and all these other things that are essentially just clones of American software companies like Paypal and Facebook and WhatsApp and Instagram telegram is like WhatsApp kind of not not Twitter WhatsApp for Eastern Europe and it was it was a Russian. Um, copy shall we say of WhatsApp in ah programmed by a guy ah by the name of Pavel Durov who's a Russian and um, you know it's been around for probably I think it's got to be at least. Maybe as long as as almost as long as WhatsApp has been around because it was kind of a clone so it's a it's a its it works the same way. You know you have a phone number you hook up with a phone number. There's a central set of servers and all this other kind of stuff and basically if you're from eastern Europe so like. Um, everybody here. Everybody all the young kids everybody is on telegram without a doubt and maybe some of them will have WhatsApp or signal which is the other kind of similar thing right? and and that's just literally because.

02:44.14
Henry
Oh really.

02:59.10
Mike
For so many years you know the internet came from Russia and so there was Russian versions of all these programs just like there were Chinese versions in China.

03:07.15
Geoff
And I think what happened was everybody was using sms and and in Europe sms actually appeared sooner than it did in North America and and there was a very quick realization that. Sms messages all live unencrypted in servers on the carrier and the carrier being the mobile carrier and and so people said can I have something more secure and solutions like signal telegram WhatsApp came along and in the east eastern Europe they said. Oh WhatsApp that's that's not been developed by us. We don't trust it and so we're we're going to gravitate towards towards signal. Ah sorry towards telegram and signal but but towards telegram and and that's what we're going to use and I think the other thing that kind of. Separated it is on on WhatsApp you can create. You know you create a group of everybody that's in my family or you know everybody on my soccer team and and you can send group messages regardless of whether they're on an iphone or Android or whatever. Um, but.

04:16.10
Henry
Right.

04:21.70
Geoff
But telegram also had sort of these channels that you could create similar to what Mike was saying about Twitter where you could have thousands of people in these channels. So it it kind of became a de facto you know social network. So as.

04:24.00
Mike
Correct correct.

04:30.28
Mike
Threat.

04:38.16
Geoff
When the war first you know when migrants are trying to escape Syria or trying to escape Ukraine or so on there were a year ago there were channels that would say this is where you can get out and this is where the Russians are moving and this is what's happening and ah and so.

04:53.56
Mike
Direct.

04:55.22
Geoff
It became more flexible than sms and there was a belief that it was more secure than sms because you know there was a belief that it was encrypted and because it wasn't from the west because then subsequently um Zuckerberg and Facebook bought WhatsApp.

05:11.92
Henry
Right.

05:14.49
Geoff
And um, and then the other catalyst to this was to to ah a rapid growth in telegram was probably two years ago now maybe eighteen months ago Facebook announced that. Ah, you'd have to accept these new terms and conditions if you wanted to keep using WhatsApp and ostensibly these conditions said that they would release some of your information to businesses if you were using the business features in WhatsApp. So outside of North America if you want to um, talk to an airline. For example, you can chat with them through WhatsApp and that occurs through the WhatsApp business interface and to do that.

05:47.96
Mike
Um, but.

06:04.32
Geoff
WhatsApp has to obviously release your name and phone number and things to the business. So it'll work. So Anyway, you had to agree to these terms people got very upset about that So It created a tremendous uptick in users using platform psych signal And. Um, and telegram because they thought they were more secure and and ironically which is what we're about to get to in a moment turns out particularly telegram Appears. We don't know allegedly appears to be considerably less secure and there's a number of.

06:23.80
Henry
You're right.

06:24.10
Mike
Gradually.

06:36.15
Mike
Um.

06:40.78
Geoff
Strange things that are going on that seem to suggest that the people in Red Square have access to what are supposedly secret private messages on telegram.

06:47.51
Mike
Have.

06:54.70
Henry
Wow. Well one of us 1 of you tell us about that the article in wired um ah regarding the story of Marina Mezzopelina

07:00.57
Mike
Um, no no.

07:04.98
Mike
Right? Yeah, well so so basically you know so so let me look so there's an urban I don't know if it's an urban myth. Okay, or if it's reality all right, but surrounding telegram a few years ago um and this was. Back when it was still fairly new and I was still dabbling around in all of this early bitcoiny type stuff so I was seeing all these different messages on all these different. You know, kind of eclectic weird decentralized platform things and i.

07:35.70
Henry
Ah.

07:38.53
Mike
Back then the the scuttlebutt was that Pavel Durov who who is part of his urban legend. He was a contrarian to the regime so he was a Russian that wasn't actually a fan of Putin's but apparently um, you know.

07:50.18
Henry
Right.

07:57.14
Mike
They sat him down at a table in a restaurant slid a piece of paper across to him and said sign this and give it to us so they be you know he basically was like take $100000000 for telegram. Um, or you'll won't you won't see the back end of this restaurant like you'll you'll never leave right? and so so subsequently Durov left Russia and has taken the has has allegedly taken the servers and put them in Dubai. Okay.

08:17.10
Henry
Is that right.

08:32.65
Henry
Ah.

08:34.63
Geoff
And the bastion of freedom and democracy called Dubai. Yes.

08:34.97
Mike
And and so you might think Dubai totally and so Geoffrey you you can. You can you can perhaps enlighten everybody on what on what happened to Blackberry in Dubai.

08:50.34
Geoff
So it was so blackberry um, and and it's kind of funny because so blackberry this is probably fifteen years ago now had a had an encrypted had the first encrypted.

08:59.13
Mike
Um, yeah.

09:06.84
Geoff
Quasi peer-to-peer I say quasi because there was still a centralized server but it was as peer-to-peer as it could have been back then? um, messaging service where you could you could send a message from 1 blackberry to another that was 100% encrypted and.

09:09.61
Mike
Um, yeah.

09:22.53
Henry
Um, oh yeah I remember that.

09:23.72
Geoff
And what's kind of funny is you may not remember this Henry but you were actually the person that set it up for me on my very first blackberry because that's right, you had to send it. You had a pin code and and that was how that was how they decentralized it sort of by instead of tagging tying it to my phone number.

09:24.50
Mike
Um, right.

09:27.77
Henry
I Actually do because you had that code.

09:37.81
Mike
Um.

09:43.50
Geoff
They tied it to this to this coat and um and it allowed 4 messages to go back and forth that were not sms and this would be before WhatsApp before these other platforms Facebook Messenger was was kind of around but it was hardly secure and. And um and nations like Dubai and other nations like India I think ah basically cracked down and said if you want to sell blackberries in our country you are going to give us the decryption key so we can can read these things and um, yeah, and so.

10:06.62
Mike
With her.

10:15.38
Mike
Um, ingo.

10:15.44
Henry
Oh boy.

10:21.20
Geoff
You know, just just demonstrating that that if you you know if you value privacy you put your server in Finland you don't go put it in Dubai so you know it is something it just doesn't just doesn't add up. Yeah.

10:31.70
Henry
Um, yeah, that's right, it's.

10:33.15
Mike
Um, well totally or Switzerland right? and and so so so so to your point Henry to to take this back to the beginning. So now you've got a Russian technology that theoretically is owned by the Kremlin that is got its servers in Dubai. Which means that the emiratis at the very least have the encryption key for all of the messages on the server and if the Emiranis have it you can guarantee you the Russians have it because it's one of the few places where all the Russians who have money and have left the country are is in the emirates. Okay.

10:53.15
Henry
Oh brother.

11:04.83
Henry
Of course.

11:10.55
Mike
And and so you know it kills me because I sit around here and I see all of these Ukrainians including Zelinsky and and and the you know the generals and the all of this stuff. It's all communicated via teleman because the audience are all on telegram. But it's a.

11:25.30
Henry
At least their public communications.

11:29.80
Mike
He's but it's all complete you might as well assume that Putin's got all of the messages. Okay, and so this is to the point in the wired article where you had this this this woman who was a in the early days of the war wanted to protest this this war against Ukraine.

11:33.43
Henry
No boy.

11:45.67
Henry
Right.

11:49.28
Mike
And she's she's like she doesn't even I don't even think she actually even left her apartment. She sent some message to some friends on teleran says. Ah I'm thinking about going down protesting or whatever it is and then all a sudden starts getting knock at the door. Do do do do. It's the cops say don't do do do and and she's like she said she turned all the lights out she sat in her room. She's freaking out.

11:58.17
Henry
Yeah.

12:08.33
Mike
And she was like messaging her friend. She's like I'm just going to ignore them. Maybe they'll go away. They sat at her door for 9 hours that day. Not she didn't know this kept knocking the door eventually bust into her place in the middle of the night because I guess that's more dramatic to to swat guys from the national police to you know.

12:13.72
Henry
Um, because they could see what she was texting. Yeah I know yeah.

12:28.90
Mike
Black freaked trench coat wearing guys from the fsb which is the Kgb and 2 kind of like I don't know what the hell the other 2 guys were and they basically they they arrest her for being um for kind of like treason terrorism against the Russian state. Whatever. And 1 of the guys stands there and he literally takes his phone and he shows it to her all of her messages everything she sent and received from her friends and so basically not only is is he got all of her messages every one of her friends. She's been communicating with is now completely screwed. Okay, so.

12:48.36
Henry
Incredible.

13:00.23
Henry
Um, oh.

13:04.45
Mike
You know? and and I mean I think she eventually did somehow get out of the country right? like I think they just scared the crap out of her and then you know she's she just like the moment those guys left she went downstairs got in you know, got a suitcase got in her car and you know walked across the Estonian border or something but but the truth of it is is that this is a this is a platform.

13:17.92
Henry
Um, yeah.

13:23.54
Mike
That has the architectural problem in that it's sent in it. It is centralized. Okay, meaning that there's a server somewhere that's matching people up. It's it's matching people up based on a very easily traceable identifier a phone number right.

13:32.70
Henry
Yep.

13:42.67
Mike
Okay, and it's matched so it's matching people up based on a phone number which I mean how hard is that to track and you know it if it it's It's supposed to be end to end encrypted but the but you know the middle part between the end and the other end.

13:45.94
Henry
Yeah.

14:00.18
Mike
Is Red Square So you know.

14:01.60
Geoff
Well, it's ah well, it's it. The the thing I hate to say good things about Facebook and I hate to say good things about Mike's Mark Zuckerberg but but what WhatsApp you know is end to end encrypted.

14:09.45
Mike
And so do I.

14:09.69
Henry
I know.

14:17.19
Geoff
To the point where even the and nsa has said to ah US government workers for no, you can you can use this for like lightly secure. Whatever you can, um even the nsa has kind of rubber stamped it now. Maybe that's because and nsa has a back door but that's another topic for another podcast one day.

14:29.25
Mike
Correct.

14:36.37
Geoff
Um, whereas with telegram messages are not by default end to end encrypted you have to you have to turn that on and there's it. There's a hidden button and yeah, and then.

14:42.61
Mike
That's correct.

14:43.57
Henry
I Thought there's a hidden button there.

14:46.50
Mike
And I don't think it works at it I don't don't think it works in the group function.

14:52.82
Geoff
And then the other thing is all this stuff resides on the central servers unencrypted um whereas with WhatsApp You know if I send you a message and your phone is off it lives in the WhatsApp server until you come back online but it lives on there as encrypted gibberish and this.

14:59.81
Henry
Are.

15:10.80
Geoff
This quote from the article this. Ah, let you know if it alleged to be true. Um, just blew my mind and I'm just going to quote it from the story telegrams messages are accessible to people inside the company every message photo video doc sent received for the past ten years

15:18.20
Mike
F.

15:26.70
Mike
Excuse.

15:27.95
Geoff
All your contacts group Memberships etc are all available to anyone who has access to that database. So anyone who works for telegram can just read that stuff Now you know it's just that you know.

15:34.44
Mike
Good god.

15:34.50
Henry
Glad I don't use it.

15:44.24
Geoff
It's just it's just mind blowing and again it comes back to this. You know this problem with centralization where if these messages were bouncing peer-to-peer over the Tor Network For example, um, or I guess we're supposed to say over to don't want to get the tor purist upset.

15:58.13
Henry
Aha.

15:59.32
Mike
Um, yes, yes.

16:03.99
Geoff
Um, but for lay people will say Tor Network Um, if it was bouncing encrypted peer to peer across Tor then um, then nobody nobody would be able to read it. Um, yeah, right? But but you know, but but here.

16:14.20
Mike
And they aren't anywhere they don't actually sit anywhere.

16:18.48
Henry
That's right I mean honestly.

16:22.69
Geoff
Um, you know here they're they're they're living in in this server so these these you know this company telegram who has basically said hey you don't trust sms and you don't trust Mark Zuckerberg you can trust us. You know if what's in this story is to believe be believed and certainly there's a lot of damning circumstantial evidence then you know then they are they are not trustworthy at all and and the other point I'd make and you've heard me harp about this on other podcasts in the back in the past which is.

16:44.88
Mike
The hook.

16:57.16
Geoff
If something is 100% free where you know where are they earning their money. Telegram has millions of users and only 60 or 70 employees. Nevertheless those employees need to be paid.

16:57.53
Mike
Um, totally.

17:01.64
Henry
Exactly.

17:14.51
Geoff
Got tremendous bandwidth costs. They're operating servers they're doing all this but you can just download telegram Henry and I can send you a message and it's completely free and I can set up that I can do whatever right? So again I'm always suspicious when I say and WhatsApp similar story except WhatsApp has you know.

17:16.12
Henry
Her her. Oh yeah.

17:22.90
Mike
And here.

17:33.49
Geoff
Ah, trillion dollar company of Facebook behind it keeping the lights on so but but like how does telegram keep the lights on how do they keep the service running. How do they do all this stuff if signal has you know this billionaire? um.

17:35.24
Henry
And very public spotlight on it.

17:35.29
Mike
Totally totally.

17:51.17
Mike
Yep former WhatsApp founder.

17:52.63
Geoff
4 number WhatsApp founder billionaire ah patron who is just pouring money into them but where is telegram getting its money and that's the other thing that I that that always causes me to to become suspicious I see.

18:04.22
Henry
Yeah.

18:05.18
Mike
German oil imports. Apparently right, you know I mean but it's it's true, right? and and and and and so you know the like there's there's this is so to me right? the in and I I literally I go nuts. Right? I go nuts on the on the guys sometimes guys and girls downstairs and stuff in the fact that you know everything else in this country that is in Ukraine right now that is Russian is persona non brought right? but everybody's on telegram. Okay.

18:35.32
Henry
Um, yeah, well it's it.

18:40.63
Mike
And I am like you guys know this is Russian right? and they're like yeah I'm like well like seriously you keep using it right? you know and and and and and it shows you to to Jeff's point right? Oh it's free and I you know everybody I know is already on it.

18:45.33
Henry
Yeah, yeah.

18:59.65
Henry
Um, I mean you know? ah.

19:00.49
Mike
So you know but blah blah I'm like yeah but the you're supporting the Russians and they're fucking sorry excuse my language they're killing people on the other side of the country.

19:07.44
Henry
Yep.

19:08.13
Geoff
And a similar and a similar thing happened ten years ago with um Kaspersky labs the antivirus people where they're like we don't trust the west. We don't trust Norton we don't trust semantic.

19:16.52
Mike
Yeah, right right.

19:24.49
Geoff
And again none of these people are lilly white clean. None of them are perfect but we don't trust Microsoft so we're going to go with Kaspersky because it comes out of Russia and those guys are really smart and we can trust them and there was just this constant set of weird rumors and things where a new virus would appear.

19:26.26
Henry
Correct.

19:35.70
Henry
So.

19:42.38
Mike
Have.

19:44.32
Geoff
And surprise surprise Kaspersky was the only company that was able to knock it down for a week or a new zero day a new 0 day exploit appeared and oh it was Kaspersky who first found it and you know, never any you know, never any proof and again this is all.

19:47.13
Henry
Hey.

19:48.41
Mike
Totally. Are.

20:02.80
Geoff
Alleged Kaspersky don't send your lawyers after me, but you know when when Henry Mike and I all met working for an it security company and we just kept seeing this over and over again and it was was certainly a coincidence shall we say.

20:10.57
Henry
Um, yeah.

20:12.25
Mike
Yes.

20:17.47
Henry
Um, well do you think the world needs our decentralized peer-to-peer communications app Now that we're developing for you know Ukrainian displaced people.

20:26.53
Mike
Well absolutely. But I think before you know and it needs profoundly before that is the world needs to give its head a shake right? I mean people need to really and you know I granted on this millions of times I mean it's like you know I feel like a broken record.

20:33.77
Henry
Um, yeah.

20:45.80
Mike
But people need to really stop and think about this stuff people really need to you know if Ukrainian people who basically are at war with Russian with Russia and and all of their families and friends have splintered. Um, you know with with the with their Russian friends and family are gone and everything like they've gone that far. Um you know people need to get away from this like convenience being the most important thing in their life and and it's free. Ok.

21:14.88
Henry
Exactly.

21:22.13
Mike
You know, imagine going to a grocery store. Well if you go down this aisle Henry there's the meat that's free and then there's the meat that costs you $2 and you're going to have to kind of wonder what you're getting in the meat that's free aisle right. And and you know what I mean like he he's one of those ones like I know henry you're cheap and you would immediately go for the discount. But I mean you know if you walk in and you see something that will kill you like milk right? um meat things like this and you've got like it regular. It's a $10 steak and now it's on for like minus 75% to me that basically means you're taking your risk your life in your own hands by eating consuming that steak. Okay, and and the and the truth of the matter is people need to stop thinking about the the importance of their connections their connections to their family to their friends to the to the to the to the.

21:58.40
Henry
Yep yep.

22:13.90
Henry
To the world. Really.

22:15.92
Mike
Organizations and things that are valuable to the world to everything that's valuable to them. They need to start saying if it's really valuable to me I need to know where everything is I need to know who owns my connections if it's not me where are they? how are they secured and. To Jeff's point how are those 50 people that work for that company actually paying to eat. We all need to own our own connections. Absolutely and until it's what here we can.

22:37.33
Henry
Yeah, well we need to own our own connections.

22:41.84
Geoff
And and you and you have to remember you have to remember if you are not the customer then you are the product.

22:47.57
Henry
Yeah, yeah, yeah, you always say that and it's true. Jeff.

22:52.69
Mike
It's totally true. It's totally true and and I mean unless you're out there and if you're out there right now. Think it to yourself but I like being a product give your head a shake.

23:05.66
Henry
Well yeah, absolutely as we're doing oh boy Well guys. Thank you? Ah, you did get a little fired Well I don't blame you? Um, um, and and and then there's a philosophical ah question.

23:06.68
Mike
And then we'll come back to you with something that'll help you and not be a product anymore I will fired up on this one there Henry.

23:14.50
Geoff
Now.

23:21.58
Mike
Um, told told it don.

23:22.79
Henry
Why support telegram if it's Russian and they are killing babies Anyway, um gentlemen. Thank you? Um I certainly encourage ah those to read that article in detail and wired um because.

23:37.46
Mike
Ah, all I'll attach a link to it in the right up to this podcast. So if you're listening to it. You'll see a link in the you'll see in the right up.

23:40.23
Henry
Yeah I'm sorry I forgot who wrote it but they did a great job. Okay, direct. Ah, ah Mike thank you Jeff your ah input is so valuable as as always ah gentleman will catch you later and Slava Ukraini!

23:47.25
Mike
All generate.

23:53.60
Geoff
And I'll say it I'll say it every week to our man in Kiev stay safe bye.

23:56.36
Mike
Slava Ukraini! Thank you Heroiam Slava!