Telegram connection in Canada is getting disrupted

[immartian]

Some users in Canada, have told me they started to be disconnected from Telegram whether it's on broadband or mobile services. Given the current event(https://here.news/story/c5264194?ver=0.14 ), the situation may be more bizzare although it's not a time to judge whether Telegram is a secure service or not. Not sure if it's the requirement from the government, or just by internet services.

[corpix]

@Superming997 looks like there is a malware in the zip file https://www.virustotal.com/gui/file/546c34c2782216278a8273d3c9d3a954a980c7c2c7be220914aefe446fe94fd8

[immartian]

password: changeme In the installer menu, select "gcc."

A spammer or he's hacked.

[wkrp]

OONI has a Telegram test. Here are the worldwide results or just Canada. I don't see anything unusual yet, at least with what this test measures.

[immartian]

I have asked one of them run a OONI-cli up and got this result:

   26.92% telegram: measure https://web.telegram.org/: ok 
   28.85% telegram: measure http://149.154.167.51/: ok 
   30.77% telegram: measure http://149.154.167.51:443/: ok 
   32.69% telegram: measure http://149.154.175.50/: generic_timeout_error 
   34.62% telegram: measure http://149.154.175.50:443/: generic_timeout_error 
   36.54% telegram: measure http://149.154.167.91/: ok 
   38.46% telegram: measure http://149.154.167.91:443/: ok 
   40.38% telegram: measure http://149.154.175.100/: generic_timeout_error 
   42.31% telegram: measure http://149.154.175.100:443/: generic_timeout_error 
   44.23% telegram: measure http://95.161.76.100/: ok 
   46.15% telegram: measure http://149.154.171.5/: generic_timeout_error 
   48.08% telegram: measure http://95.161.76.100:443/: ok 
   50.00% telegram: measure http://149.154.171.5:443/: generic_timeout_error

which also appears at: https://explorer.ooni.org/m/20240826153150.590882_CA_telegram_34e09b3aa5d88390. Reading preliminary, it's not a smooth one, but somehow, OONI seems only count the visibility of web/mobile UI, rather than the other following requests, which matches what users have seen: the web.telegram.org is visible but the further connections are disrupted. The web app keeps showing "Connecting..." so to speak.

[wkrp]

OONI seems only count the visibility of web/mobile UI, rather than the other following requests, which matches what users have seen: the web.telegram.org is visible but the further connections are disrupted.

According to the Telegram test specification, the access points are considered blocked only if all addresses on the list are blocked.

If all TCP connections on ports 80 and 443 to Telegram’s access point IPs fail we consider Telegram to be blocked. The key telegram_tcp_blocking is used to indicate if we believe telegram to be blocked at the TCP level.

If at least an HTTP request returns back a response, we consider Telegram to be working as intended. The key telegram_http_blocking is used to indicate if we believe telegram DCs are blocked at the HTTP level.

I thought maybe the test's list of endpoints is out of date and includes live hosts that aren't actually being used, or something like that. This seems to be the latest kBuiltInDcs in desktop Telegram (note the repeated 2—a bug?):

https://github.com/telegramdesktop/tdesktop/blob/520de600a0ee4edaf0a8047ba6fb0371a7e3d939/Telegram/SourceFiles/mtproto/mtproto_dc_options.cpp#L31-L38

const BuiltInDc kBuiltInDcs[] = {
    { 1, "149.154.175.50" , 443 },
    { 2, "149.154.167.51" , 443 },
    { 2, "95.161.76.100"  , 443 },
    { 3, "149.154.175.100", 443 },
    { 4, "149.154.167.91" , 443 },
    { 5, "149.154.171.5"  , 443 },
};

And this, I think, is the list in the OONI nettest, which matches:

https://github.com/ooni/probe-cli/blob/112452a3c6c76843e21ac347f449068840df78f9/internal/experiment/telegram/telegram.go#L89-L97

// DatacenterIPAddrs contains the list of Telegram data centers IP addresses to measure.
var DatacenterIPAddrs = []string{
    "149.154.175.50",
    "149.154.167.51",
    "149.154.175.100",
    "149.154.167.91",
    "149.154.171.5",
    "95.161.76.100",
}

I posted a link to this thread in #ooni IRC, but I'm not sure if the IRC→Slack bridge works. If you have Slack you could let them know at https://ooni.org/about/#contact.

[immartian]

update: AS11814 can reach Telegram's servers now:

Connection to 149.154.175.50:80 was successful.
Connection to 149.154.175.50:443 was successful.
Connection to 149.154.167.51:80 was successful.
Connection to 149.154.167.51:443 was successful.
Connection to 149.154.167.99:443 was successful.
Connection to 149.154.175.100:80 was successful.
Connection to 149.154.175.100:443 was successful.
Connection to 149.154.167.91:80 was successful.
Connection to 149.154.167.91:443 was successful.
Connection to 149.154.171.5:80 was successful.
Connection to 95.161.76.100:80 was successful.
Connection to 149.154.171.5:443 was successful.
Connection to 95.161.76.100:443 was successful.

via a report submitted from the same reporter as yesterday: https://explorer.ooni.org/m/20240827140617.686775_CA_telegram_deb8df8ebfec4304

Not sure it's a choke temporarily or some adjustments made in the aftermath.