TechCrunch reports that Telegram has been discovered to continue exposing users' IP addresses to contacts during phone calls despite being touted as a secure and private messaging app.
"Telegram focuses on security and privacy, however, in order to stay safe you need to be aware of the nuances of how the messenger's voice calls work. An unprepared person can easily reveal his IP address to his interlocutor if he does not know about them," said security researcher Denis Simonov, also known as n0a, of the cybersecurity firm T.Secure, who developed a tool exploiting the issue.
Meanwhile, Telegram spokesperson Remi Vaughn noted that IP addresses are exposed by default due to the platform's use of a peer-to-peer connection to ensure call quality.
"The downside of this is that it necessitates that both sides know the IP address of the other (since it is a direct connection). Unlike on other messengers, calls from those who are not on your contact list will be routed through Telegram's servers to obscure that," said Vaughn.
Telegram users looking to prevent continued IP address exposure have been advised to change their privacy and security settings.
Such postponement comes after Recall was subjected to several delays since June due to security concerns associated with the feature, which has since been allayed by Microsoft with its assurances of an opt-in experience, a completely encrypted database, and Windows Hello-based authentication.
Aside from enabling surveillance that curtails individuals' privacy rights, the UN cybercrime treaty — which has already been approved by the body's Ad Hoc Committee on Cybercrime — also requires the gathering and sharing of private internet user data with other countries that could legitimate authoritarian nations' partnerships.