Warm reminder regarding Telegram chat being retrieved

The (Unofficial) Telegram Support Group of Hong Kong have noticed a recent event, that Telegram chats were retrieved by law enforcement from Apple iDevices.

We would like to remind citizens of Hong Kong on the followings:

1）ALL official Telegram app does not encrypt local storage by default. In order to encrypt, user should enable App Lock, to allow the Telegram app utilize such password as the primary passphrase to encrypt the storage.

2）The saying that goes "by deleting Telegram account can remotely wipe chat history" is not fully accurate. Telegram requires internet connection between Telegram Server and the logged in sessions/devices, for the server to logoff the session and clear the database.

3）Thanks to our affiliate channel "@appleland_HK", we are aware that newer Apple iDevices (of those operating in 64-bit) receive occasional system software update from Apple. We recommend all users of Telegram to upgrade their iDevices to the latest iOS version. Below is a list of devices which is capable to receive iOS 13 updates:
• iPhone SE
• iPhone 6s & iPhone 6s Plus
• iPhone 7 & iPhone 7 Plus
• iPhone 8 & iPhone 8 Plus
• iPhone X
• iPhone XR & iPhone XS & iPhone XS Max
• iPhone 11 & iPhone 11 Pro & iPhone 11 Pro Max

4）There are discussions in the public group, saying Cellebrite tools are capable to retrieve data from any mobile phone. We have investigated this saying with our informant in the industry, and confirms that versions starting from December 2019, tools like XRY and Cellebrite PA/UFED are indeed capable to extract root filesystem from iPhone X with iOS version 13.3 beta or below, using the vulnerabilities from checkm8. Our informant further believes that Cellebrite has taken an active and core role in the development of ra1ncheck and other iOS penetration tasks, and Cellebrite is planning to release a sounded version of UFED that implements the ra1ncheck vulnerability, while not touching the evidence itself, making their tool fully compatible with legal requirements.

5）We are feeling an overwhelming trust from the Hong Kong citizens to Telegram, but it is a devious world in the field of cyber security. We urge everyone, starting from today, be skeptical to your communication model. By questioning more, you are then earning awareness to your trust model, and thus becoming more alert on suspicious environments.

Telegram (非官方)香港支援頻道

Warm reminder regarding Telegram chat being retrieved

The (Unofficial) Telegram Support Group of Hong Kong have noticed a recent event, that Telegram chats were retrieved by law enforcement from Apple iDevices.

We would like to remind citizens of Hong Kong on the followings:

1）ALL official Telegram app does not encrypt local storage by default. In order to encrypt, user should enable App Lock, to allow the Telegram app utilize such password as the primary passphrase to encrypt the storage.

2）The saying that goes "by deleting Telegram account can remotely wipe chat history" is not fully accurate. Telegram requires internet connection between Telegram Server and the logged in sessions/devices, for the server to logoff the session and clear the database.

3）Thanks to our affiliate channel "@appleland_HK", we are aware that newer Apple iDevices (of those operating in 64-bit) receive occasional system software update from Apple. We recommend all users of Telegram to upgrade their iDevices to the latest iOS version. Below is a list of devices which is capable to receive iOS 13 updates:
• iPhone SE
• iPhone 6s & iPhone 6s Plus
• iPhone 7 & iPhone 7 Plus
• iPhone 8 & iPhone 8 Plus
• iPhone X
• iPhone XR & iPhone XS & iPhone XS Max
• iPhone 11 & iPhone 11 Pro & iPhone 11 Pro Max

4）There are discussions in the public group, saying Cellebrite tools are capable to retrieve data from any mobile phone. We have investigated this saying with our informant in the industry, and confirms that versions starting from December 2019, tools like XRY and Cellebrite PA/UFED are indeed capable to extract root filesystem from iPhone X with iOS version 13.3 beta or below, using the vulnerabilities from checkm8. Our informant further believes that Cellebrite has taken an active and core role in the development of ra1ncheck and other iOS penetration tasks, and Cellebrite is planning to release a sounded version of UFED that implements the ra1ncheck vulnerability, while not touching the evidence itself, making their tool fully compatible with legal requirements.

5）We are feeling an overwhelming trust from the Hong Kong citizens to Telegram, but it is a devious world in the field of cyber security. We urge everyone, starting from today, be skeptical to your communication model. By questioning more, you are then earning awareness to your trust model, and thus becoming more alert on suspicious environments.

hottg.com/tlgrmHK_ch/20

3.3K viewsDec 19, 2019 at 10:46