Skip Navigation
Jump
Telegram starts to look like a super app, echoing WeChat
  • Compared to login, MITM on registration means the culprit knows the IP address and the time of the registration, which is usually significant on claiming the account back.

    I don't have a spare number to test, but I'm pretty sure entering a phone number in the web sends a SMS code. Do you have concrete evidence that it really doesn't work?

    1
  • Jump
    Telegram starts to look like a super app, echoing WeChat
  • This actually is not a bad thing. If an unofficial client MITM the whole registration process, it's much harder for the true account owner to prove that he/she is the legit one.

    Also, it doesn't really require a client to register; Telegram can be accessed from a browser.

    3
  • Jump
    Nearly two-fifths of robberies in London last year were for mobile phones
  • Not sure about Apple devices, but for Android there's FRP (factory reset protection). Basically, if an Android phone which has FRP enabled has at least one Google account signed in, after factory reset, the phone is locked unless it signs into one of the Google accounts previously in use.

    I cannot find documents about FRP from Google, but here's one from Samsung, and I'm pretty sure it's not limited to Samsung.

    https://www.samsung.com/ph/support/mobile-devices/what-is-device-protection-or-factory-reset-protection-frp/

    10