Telegram FOSS acquire your biometric data

Hi there,
we are an Italian association (EXIT) and would like to share with you an “smart user” experience.

A few weeks ago, one of our members, performs an update of its version of LineageOS, from 7.1 to 8.1 and reinstall every apps (not using seedvault), Telegram FOSS included (from F-Droid).
In the evening of the same day opens Telegram FOSS and starts chatting.
After a few seconds, an unusual icon appear and disappear very quickly on the taskbar at the top.

After a few minutes this person realized that the icon signaled access to the camera, thanks to the new feature introduced in LOS 8.1 and going to check in the settings he had the confirmation: Telegram FOSS had just had access to the camera.

Why this?
Because the digital fingerprint had changed due to the LOS update, Telegram servers holders was thus necessary to have confirmation that the person was the same through the acquisition of a biometric data: photo of the face.



1 Like

Since Telegram FOSS is FOSS, perhaps link the offending code?

Extraordinary claims require extraordinary evidence.


Ask to the Telegram (FOSS) developer if it allows remote control of the camera (audio, and other devices)…

I don’t seem to find your issue: ?

Was this explanation provided by the app developer?

This is obviously a crude approach, but…

in widgets directory, has several places and ways photos are taken and processed.

Because the server source is not open, there is no way (for me) to easily know what signals may be sent from server to TM app to cause photos to be taken and uploaded.

When in doubt, cover camera (and microphone), or remove battery, AND do not use apps with non-free net tag.

Any program that requires your phone number just to use the app should be a a no-no straight off the bat. May I suggest Conversations from f-droid? Search for free xmpp server online and create a login and password. Input login and pass in Conversations as existing account. Add family and friends.