Nathaniel Suchy, a reverse engineer and software developer, was, fortunately, able to peruse the application’s database and the messages spared there. Suchy said that “Telegram uses a somewhat difficult to read, but otherwise, not encrypted, SQLite Database to store messages. By analyzing raw data converted to a simpler viewing format, I also found names and phone numbers that could be correlated to one another. Even so, the information is not easy to read, but custom scripts could help make the details stand out in a more intelligible way and automate the extraction.”
The desktop variant for Telegram for dispatched a new feature called ‘secret chats’ for the users who wish for complete privacy for their communication. It occurred in this way, that the Telegram secure messaging app was unsuccessful in protecting the chat content locally and thusly offered access to plain text conversations and media that generally was encrypted.
Since Telegram’s attention towards administering secure communication is notable the application utilizes encryption to guarantee that an outsider can’t peruse the conversations on their way to the ‘destination’ and by using end-to-end encryption it ensures that just the sender and the receiver can get to the content.
These safety measures are against altering or breaking privacy in transit; the conversations and media files Telegram Desktop stores locally are genuinely simple to access and read since they are not encoded.
The researchers have proven the ‘secret chat’ feature as it turned out that every one of the messages goes to a similar database, regardless of whether they gain from end-to-end encryption or not. Even Media documents are not far behind as they have a very comparative destiny.
Telegram Desktop features highlights passport protection to counteract unapproved access to the application, yet this security choice does not include encryption. A technically knowledgeable and excessively inquisitive computer user could still be able to access some other users’ chats.
Ensuring the information saved locally is conceivable by empowering full disk encryption from the operating system. This is accessible on Windows through BitLocker, on macOS through FileVault; the feature is available on Linux too.