It is currently 18-08-2017 11:44

Telegram for Mac OS vulnerability has been discovered

Telegram for Mac OS vulnerability has been discovered

by sigismund » 2016-07-26 00:24:05


Telegram writes every inserted from the clipboard a message in syslog.


The information security expert Kirill Firsov found a dangerous vulnerability in Telegram for Mac OS that allows you to record every insert from the clipboard a message in syslog, even in secret chats. About it Firsov said on his Twitter page.

According to Pavel Durov in the response., this problem affects only Telegram Messenger for Mac OS, and is not related to Telegram Desktop. Durov also noted that apps can only write to syslog and have no right to read messages.

"Imagine if the police seized your laptop after you delete a secret chat, and it turns out to syslog, you can still find a lot of data," commented Firsov.

Since Firsov first wrote about an existing bug in Twitter, but did not notify the manufacturer, the representatives of the Telegram refused to reward the expert for the discovered vulnerability. The developer of Telegram for Mac OS Mikhail Filimonov said. in a personal letter that a hotfix will be released in the near future.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5