Open immartian opened 2 months ago
@Superming997 looks like there is a malware in the zip file https://www.virustotal.com/gui/file/546c34c2782216278a8273d3c9d3a954a980c7c2c7be220914aefe446fe94fd8
password: changeme In the installer menu, select "gcc."
A spammer or he's hacked.
OONI has a Telegram test. Here are the worldwide results or just Canada. I don't see anything unusual yet, at least with what this test measures.
I have asked one of them run a OONI-cli up and got this result:
26.92% telegram: measure https://web.telegram.org/: ok
28.85% telegram: measure http://149.154.167.51/: ok
30.77% telegram: measure http://149.154.167.51:443/: ok
32.69% telegram: measure http://149.154.175.50/: generic_timeout_error
34.62% telegram: measure http://149.154.175.50:443/: generic_timeout_error
36.54% telegram: measure http://149.154.167.91/: ok
38.46% telegram: measure http://149.154.167.91:443/: ok
40.38% telegram: measure http://149.154.175.100/: generic_timeout_error
42.31% telegram: measure http://149.154.175.100:443/: generic_timeout_error
44.23% telegram: measure http://95.161.76.100/: ok
46.15% telegram: measure http://149.154.171.5/: generic_timeout_error
48.08% telegram: measure http://95.161.76.100:443/: ok
50.00% telegram: measure http://149.154.171.5:443/: generic_timeout_error
which also appears at: https://explorer.ooni.org/m/20240826153150.590882_CA_telegram_34e09b3aa5d88390. Reading preliminary, it's not a smooth one, but somehow, OONI seems only count the visibility of web/mobile UI, rather than the other following requests, which matches what users have seen: the web.telegram.org is visible but the further connections are disrupted. The web app keeps showing "Connecting..." so to speak.
OONI seems only count the visibility of web/mobile UI, rather than the other following requests, which matches what users have seen: the web.telegram.org is visible but the further connections are disrupted.
According to the Telegram test specification, the access points are considered blocked only if all addresses on the list are blocked.
If all TCP connections on ports 80 and 443 to Telegram’s access point IPs fail we consider Telegram to be blocked. The key
telegram_tcp_blocking
is used to indicate if we believe telegram to be blocked at the TCP level.If at least an HTTP request returns back a response, we consider Telegram to be working as intended. The key
telegram_http_blocking
is used to indicate if we believe telegram DCs are blocked at the HTTP level.
I thought maybe the test's list of endpoints is out of date and includes live hosts that aren't actually being used, or something like that. This seems to be the latest kBuiltInDcs
in desktop Telegram (note the repeated 2
—a bug?):
const BuiltInDc kBuiltInDcs[] = {
{ 1, "149.154.175.50" , 443 },
{ 2, "149.154.167.51" , 443 },
{ 2, "95.161.76.100" , 443 },
{ 3, "149.154.175.100", 443 },
{ 4, "149.154.167.91" , 443 },
{ 5, "149.154.171.5" , 443 },
};
And this, I think, is the list in the OONI nettest, which matches:
// DatacenterIPAddrs contains the list of Telegram data centers IP addresses to measure.
var DatacenterIPAddrs = []string{
"149.154.175.50",
"149.154.167.51",
"149.154.175.100",
"149.154.167.91",
"149.154.171.5",
"95.161.76.100",
}
I posted a link to this thread in #ooni IRC, but I'm not sure if the IRC→Slack bridge works. If you have Slack you could let them know at https://ooni.org/about/#contact.
update: AS11814 can reach Telegram's servers now:
Connection to 149.154.175.50:80 was successful.
Connection to 149.154.175.50:443 was successful.
Connection to 149.154.167.51:80 was successful.
Connection to 149.154.167.51:443 was successful.
Connection to 149.154.167.99:443 was successful.
Connection to 149.154.175.100:80 was successful.
Connection to 149.154.175.100:443 was successful.
Connection to 149.154.167.91:80 was successful.
Connection to 149.154.167.91:443 was successful.
Connection to 149.154.171.5:80 was successful.
Connection to 95.161.76.100:80 was successful.
Connection to 149.154.171.5:443 was successful.
Connection to 95.161.76.100:443 was successful.
via a report submitted from the same reporter as yesterday: https://explorer.ooni.org/m/20240827140617.686775_CA_telegram_deb8df8ebfec4304
Not sure it's a choke temporarily or some adjustments made in the aftermath.
Some users in Canada, have told me they started to be disconnected from Telegram whether it's on broadband or mobile services. Given the current event(https://here.news/story/c5264194?ver=0.14 ), the situation may be more bizzare although it's not a time to judge whether Telegram is a secure service or not. Not sure if it's the requirement from the government, or just by internet services.