
Watch Nearby! Privacy Analysis of the People Nearby Service of Telegram

Maurantonio Caprolu, Savio Sciancalepore, Aleksandar Grigorov, Velyan Kolev, Gabriele Oligeri

TL;DR

Although the service protects against precise user localization, it is demonstrated that location privacy is always lower than the one declared by Telegram (500 meters), and it is discovered that location privacy is a function of the geographical position of the user.

Abstract

People Nearby is a service offered by Telegram that allows a user to discover other Telegram users, based only on geographical proximity. Nearby users are reported with a rough estimate of their distance from the position of the reference user, allowing Telegram to claim location privacy. In this paper, we systematically analyze the location privacy provided by Telegram to users of the People Nearby service. Through an extensive measurement campaign run by spoofing the user's location all over the world, we reverse-engineer the algorithm adopted by People Nearby to compute distances between users. Although the service protects against precise user localization, we demonstrate that location privacy is always lower than the 500 meters declared by Telegram. Specifically, we discover that location privacy is a function of the geographical position of the user. Indeed, the radius of the location privacy area (localization error) spans between 400 meters (close to the equator) and 128 meters (close to the poles), with a difference of up to 75% (worst case) compared to what Telegram declares. After our responsible disclosure, Telegram updated the FAQ associated with the service. Finally, we provide some solutions and countermeasures that Telegram can implement to improve location privacy. In general, the reported findings highlight the significant privacy risks associated with using the People Nearby service.

Paper Structure (11 sections, 2 equations, 17 figures, 1 table)

This paper contains 11 sections, 2 equations, 17 figures, 1 table.

Figures (17)

  • Figure 1: People Nearby service provides a rough approximation of the distance between the users in the neighborhood.
  • Figure 2: Data acquisition model: $\mathcal{B}$ repeatedly changes his trajectory when he experiences a change in the reported distance class to $\mathcal{A}$, as shown by the People Nearby service.
  • Figure 3: Collection of transitions: red arrows are related to transitions between $500$ and $1{,}000$ meters while green arrows report the transitions between $1{,}000$ and $500$ meters. The tips and the tails of the arrows refer to the (two) locations, before and after, at which the transition is detected.
  • Figure 4: Modelling the transitions' distribution with a square shape: the red cross represents the position of the target, the black circles indicate the corners of the transitions' boundaries, and finally, the red circle shows the position of the centroid, being the best estimation of the target position assuming the target location is unknown to the finder.
  • Figure 5: Measurements analysis: the black circles identify the corners of the boundaries of the transition, i.e., the transitions between the distances of $500$ and $1{,}000$ meters (in both directions), red circles show the centroids, while all the targets overlap at $[0, 0]$.
  • ...and 12 more figures

Theorems & Definitions (1)

  • Definition 4.1