New bug in Telegram Desktop allows you to read the last message
I recently discovered a very interesting bug in Telegram. It allows you to read deleted messages. And as a supporter and fan of cult products, he immediately sent a message about the bug to the Telegram support. With a clear conscience, he demonstrated to colleagues at work a found bug. “Do you want to restore your last message on Telegram?” I said, and set to work, observing the surprised faces of my colleagues.
Telegram Desktop Version 1.6.3 (the last available today)
Steps to play
Expectations
All messages are deleted and the chat is completely empty.
Reality
Our “secret message” appeared, which was deleted.
The first thing I wanted to understand was the server side or the client side. Therefore, in a similar way, I tried to reproduce the bug on the Telegram client for Android. Unfortunately, the bug was not reproduced on the cell phone and optimism has already diminished. It became clear that we are most likely faced with a cosmetic fix: they messed up the indexes and a little more entries are taken from the local cache.
Since Telegram Desktop is open source and lies on github. I found my version of Telegram, opened the code and tried to figure out what's what. The code turned out to be quite trivial and understandable. It all starts with hanging a handler for the team. It just shows a dialog box with options for deletion and then the chat is cleared. Personally, I visually did not catch my eye on anything and everything seems to work correctly. You need to deploy the environment, debug it and immediately it becomes clear what’s what.
At the current moment and at the time of publication of this article - this bug has not been fixed, so you can surprise colleagues and friends with it. You can show your girlfriend not to do anything stupid.
If you like this article and there will be many comments, I will write the following article: “How I fixed the bug in Telegram”. And also I will tell you in detail how to deploy the environment for the desktop version of Telegram. Thanks for attention!
As usual, I get up and watch the news on google. I see my name on the first pages and understand that something is wrong. The people also reproduce this bug and force the given message ( full text of the article ). This is very nice, thanks!
In PM, many asked to see the Android app. I can’t refuse my colleagues and install the Telegram Android application. I didn’t particularly delve into it, but there are enough errors here. For example, here.
Playback steps
1) I clear the history with “Victor”
2) “Victor” writes a message
Expectations
Notify comes through the google server and the message is displayed in the ListView.
The reality of
Notify is coming, but ListView doesn't display the change. There is a note “History cleared”.
A lot of colleagues were interested in how I found this bug. Because all Telegram "works like a clock." My former team leader (Anton Ryzhakov), once answered this question like this: "Poked poked and poked trouble." This very accurately describes what is happening. Friends, thank you for all the feedback in PM - it was very nice to read them. I hope you were interested. Good working day!
But let's not hesitate and get down to business
Telegram Desktop Version 1.6.3 (the last available today)
Steps to play
- Sending a "secret" message to Bob
- We clean chat messages with Bob, the button "Clear history"
- Send any new message to Bob
- Delete the message from the “Delete message” context menu (check the box - delete from Bob too)
Expectations
All messages are deleted and the chat is completely empty.
Reality
Our “secret message” appeared, which was deleted.
The further course of my thoughts
The first thing I wanted to understand was the server side or the client side. Therefore, in a similar way, I tried to reproduce the bug on the Telegram client for Android. Unfortunately, the bug was not reproduced on the cell phone and optimism has already diminished. It became clear that we are most likely faced with a cosmetic fix: they messed up the indexes and a little more entries are taken from the local cache.
Since Telegram Desktop is open source and lies on github. I found my version of Telegram, opened the code and tried to figure out what's what. The code turned out to be quite trivial and understandable. It all starts with hanging a handler for the team. It just shows a dialog box with options for deletion and then the chat is cleared. Personally, I visually did not catch my eye on anything and everything seems to work correctly. You need to deploy the environment, debug it and immediately it becomes clear what’s what.
At the current moment and at the time of publication of this article - this bug has not been fixed, so you can surprise colleagues and friends with it. You can show your girlfriend not to do anything stupid.
If you like this article and there will be many comments, I will write the following article: “How I fixed the bug in Telegram”. And also I will tell you in detail how to deploy the environment for the desktop version of Telegram. Thanks for attention!
Update
How life has changed after publication on Habré
As usual, I get up and watch the news on google. I see my name on the first pages and understand that something is wrong. The people also reproduce this bug and force the given message ( full text of the article ). This is very nice, thanks!
Watching the Android app
In PM, many asked to see the Android app. I can’t refuse my colleagues and install the Telegram Android application. I didn’t particularly delve into it, but there are enough errors here. For example, here.
Playback steps
1) I clear the history with “Victor”
2) “Victor” writes a message
Expectations
Notify comes through the google server and the message is displayed in the ListView.
The reality of
Notify is coming, but ListView doesn't display the change. There is a note “History cleared”.
How the current bug was found
A lot of colleagues were interested in how I found this bug. Because all Telegram "works like a clock." My former team leader (Anton Ryzhakov), once answered this question like this: "Poked poked and poked trouble." This very accurately describes what is happening. Friends, thank you for all the feedback in PM - it was very nice to read them. I hope you were interested. Good working day!