• @[email protected]
    link
    fedilink
    English
    01 year ago

    If unofficial app can MITM registration, it can the same way MITM login later.

    doesn’t require a client A side note, JavaScript app in the browser is as much an app as Java/Kotlin on Android. But I know websites and web-based applications are now so mixed together it sometimes can confuse me too.

    And browser version of Telegram does not allow registering new accounts also.

    • @[email protected]
      link
      fedilink
      English
      1
      edit-2
      1 year ago

      Compared to login, MITM on registration means the culprit knows the IP address and the time of the registration, which is usually significant on claiming the account back.

      I don’t have a spare number to test, but I’m pretty sure entering a phone number in the web sends a SMS code. Do you have concrete evidence that it really doesn’t work?