Telegram群组资源大全问:电报的安全性如何?
Telegram比WhatsApp和Line等大众市场Messenger更安全。我们基于MTProto协议(请参阅说明和高级FAQ),该协议建立在经过时间检验的算法基础上,以使安全性与高速传输以及弱连接的可靠性兼容。我们一直在与社区合作,以提高协议和客户的安全性。
Q: How secure is Telegram?
Telegram is more secure than mass market messengers like WhatsApp and Line. We are based on the MTProto protocol (see description and advanced FAQ), built upon time-tested algorithms to make security compatible with high-speed delivery and reliability on weak connections. We are continuously working with the community to improve the security of our protocol and clients.
问:如果我比普通用户更偏执怎么办?
我们已经覆盖了您。电报的特殊秘密聊天使用端到端加密,在我们的服务器上不留痕迹,支持自毁消息,并且不允许转发。最重要的是,秘密聊天不是Telegram云的一部分,只能在其原始设备上进行访问。
Q: What if I’m more paranoid than your regular user?
We’ve got you covered. Telegram’s special secret chats use end-to-end encryption, leave no trace on our servers, support self-destructing messages and don’t allow forwarding. On top of this, secret chats are not part of the Telegram cloud and can only be accessed on their devices of origin.
问:那么您如何加密数据?
我们支持两层安全加密。云聊天(私有聊天和群组聊天)中使用服务器-客户端加密,秘密聊天使用客户端-客户端加密的附加层。所有数据,无论类型如何,都以相同的方式进行加密-无论是文本,媒体还是文件。
我们的加密基于256位对称AES加密,2048位RSA加密和Diffie-Hellman安全密钥交换。您可以在“高级常见问题解答”中找到更多信息。
另请参阅:您是否处理数据请求?
Q: So how do you encrypt data?
We support two layers of secure encryption. Server-client encryption is used in Cloud Chats (private and group chats), Secret Chats use an additional layer of client-client encryption. All data, regardless of type, is encrypted in the same way — be it text, media or files.
Our encryption is based on 256-bit symmetric AES encryption, 2048-bit RSA encryption, and Diffie–Hellman secure key exchange. You can find more info in the Advanced FAQ.
See also: Do you process data requests?
问:为什么我应该相信你?
电报是开放的,任何人都可以检查我们的源代码,协议和API,了解一切工作原理并做出明智的决定。实际上,我们欢迎安全专家审核我们的系统,并希望通过security@telegram.org获得反馈(更多有关此信息)
最重要的是,Telegram的主要重点不是赚钱,因此商业利益将永远不会干扰我们的使命。
另请参阅:有关电报的文章
Q: Why should I trust you?
Telegram is open, anyone can check our source code, protocol and API, see how everything works and make an informed decision. In fact, we welcome security experts to audit our system and will appreciate any feedback at [email protected] (more about this)
On top of that, Telegram’s primary focus is not to bring a profit, so commercial interests will never interfere with our mission.
See also: articles about Telegram
问:为了安全起见,我需要信任Telegram吗?
在进行秘密聊天时,您不必这么做-只需确保您的秘密聊天的可视化键与您朋友的秘密聊天设置中的键相匹配即可。有关此的更多信息。
Q: Do I need to trust Telegram for this to be secure?
When it comes to secret chats, you don‘t — just make sure that the visualized key of your secret chat matches the one in your friend’s secret chat settings. More about this below.
问:如果我的黑客朋友说他们可以解密电报消息怎么办?
欢迎声称自己可以解密电报消息的任何人在我们的比赛中证明这一要求并赢得$ 300,000。您可以查看《破解竞赛说明》以了解更多信息。
欢迎对任何有关电报的安全性发表评论,网址为security@telegram.org。所有导致代码或配置更改的提交都将有资格获得悬赏,金额从100美元到100,000美元不等,具体取决于问题的严重性。请注意,对于已解决的公开问题,我们无法提供任何奖励。
Q: What if my hacker friend says they could decipher Telegram messages?
Anyone who claims that Telegram messages can be deciphered is welcome to prove that claim in our competition and win $300,000. You can check out the Cracking Contest Description to learn more.
Any comments on Telegram’s security are welcome at [email protected]. All submissions which result in a change of code or configuration are eligible for bounties, ranging from $100 to $100,000 or more, depending on the severity of the issue. Please note that we can not offer bounties for issues that are disclosed to the public before they are fixed.
问:电报可以保护我免受一切侵害吗?
电报可以在数据传输和安全通信方面提供帮助。这意味着当您的互联网服务提供商,您连接到的Wi-Fi路由器的所有者或其他第三方截取到您时,无法解密通过Telegram发送和接收的所有数据(包括媒体和文件)。
但是请记住,如果您的母亲没有密码就带您解锁的手机,我们将无法保护您免受母亲的伤害。或者,如果他们在工作时访问您的计算机,请从您的IT部门访问。或来自对运行Telegram的电话或计算机具有物理或root访问权限的任何其他人。
如果您有理由担心人身安全,强烈建议您在官方或至少可验证的开源应用中仅使用秘密聊天获取敏感信息,最好使用自毁定时器。我们还建议您启用两步验证并设置一个强大的密码来锁定您的应用,您会在“设置”中找到这两个选项-“隐私”和“安全性”。
Q: Can Telegram protect me against everything?
Telegram can help when it comes to data transfer and secure communication. This means that all data (including media and files) that you send and receive via Telegram cannot be deciphered when intercepted by your internet service provider, owners of Wi-Fi routers you connect to, or other third parties.
But please remember that we cannot protect you from your own mother if she takes your unlocked phone without a passcode. Or from your IT-department if they access your computer at work. Or from any other people that get physical or root access to your phones or computers running Telegram.
If you have reasons to worry about your personal security, we strongly recommend using only Secret Chats in official or at least verifiable open-source apps for sensitive information, preferably with a self-destruct timer. We also recommend enabling 2-Step Verification and setting up a strong passcode to lock your app, you will find both options in Settings — Privacy and Security.
问:两步验证如何工作?
使用SMS代码登录是消息传递的行业标准,但是如果您正在寻求更高的安全性或有理由怀疑您的移动运营商或政府,我们建议您使用其他密码来保护您的云聊天。
您可以在“设置” –“隐私和安全性–两步验证”中执行此操作。启用后,您将既需要SMS代码也需要密码才能登录。您还可以设置辅助邮箱地址,以便在忘记密码时可以重新获得访问权限。如果这样做,请记住,重要的是,还应使用强密码和两步验证来保护恢复电子邮件帐户。
请查看此内容,以获得有关创建易于记忆的强密码的提示。
Q: How does 2-Step Verification work?
Logging in with an SMS code is an industry standard in messaging, but if you’re looking for more security or have reasons to doubt your mobile carrier or government, we recommend protecting your cloud chats with an additional password.
You can do this in Settings – Privacy and Security – 2-Step Verification. Once enabled, you will need both an SMS code and a password to log in. You can also set up a recovery email address that will help regain access, should you forget your password. If you do so, please remember that it’s important that the recovery email account is also protected with a strong password and 2-Step Verification when possible.
Check this out for tips on creating a strong password that is easy to remember.
问:为什么越狱和取得root权限的设备会有危险?
使用有根或越狱的设备可以使潜在的攻击者更容易获得对设备的完全管理控制权-根访问权限。
具有root用户访问权限的用户可以轻松绕过操作系统内置的安全功能,读取进程内存或访问受限区域(例如内部存储)。一旦攻击者拥有root用户访问权限,减轻威胁的任何努力就变得徒劳。在这种情况下,没有应用程序可以称为安全应用程序,无论加密强度如何。
Q: Why can jailbroken and rooted devices be dangerous?
Using a rooted or jailbroken device makes it easier for a potential attacker to gain full administrative control over your device — root access.
A user with root access can easily bypass security features built into the operating system, read process memory or access restricted areas, such as the internal storage. Once an attacker has root access, any efforts to mitigate threats become futile. No application can be called safe under these circumstances, no matter how strong the encryption.
群组/频道内容并非本站观点:Telegram群组资源大全 » telegram电报安全性相关问题解答
