• atkdef@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    This actually is not a bad thing. If an unofficial client MITM the whole registration process, it’s much harder for the true account owner to prove that he/she is the legit one.

    Also, it doesn’t really require a client to register; Telegram can be accessed from a browser.

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      If unofficial app can MITM registration, it can the same way MITM login later.

      doesn’t require a client A side note, JavaScript app in the browser is as much an app as Java/Kotlin on Android. But I know websites and web-based applications are now so mixed together it sometimes can confuse me too.

      And browser version of Telegram does not allow registering new accounts also.

      • atkdef@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Compared to login, MITM on registration means the culprit knows the IP address and the time of the registration, which is usually significant on claiming the account back.

        I don’t have a spare number to test, but I’m pretty sure entering a phone number in the web sends a SMS code. Do you have concrete evidence that it really doesn’t work?