Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Seems suspicious #19

Open
v-gordienko opened this issue Jul 8, 2022 · 1 comment
Open

Seems suspicious #19

v-gordienko opened this issue Jul 8, 2022 · 1 comment

Comments

@v-gordienko
Copy link

One of the config vars is SESSION_STRING that can only be obtained via the some shady methods.
The one with @genStr_robot requires you to follow the developer's telegram channel (which is already kind of meh to be honest) and then asks you to give it your OTP which you shouldn't really tell anyone, they are very clear about that.
I'm not saying anything, I'm sure the dev is cool and not trying to scam people, but you can't deny that it seems very suspicious and thus I'd move away from this kind of setup.
Maybe there is a way around asking for the second most important thing about your telegram account, idk
@AsmSafone
Copy link
Owner

One of the config vars is SESSION_STRING that can only be obtained via the some shady methods. The one with @genStr_robot requires you to follow the developer's telegram channel (which is already kind of meh to be honest) and then asks you to give it your OTP which you shouldn't really tell anyone, they are very clear about that. I'm not saying anything, I'm sure the dev is cool and not trying to scam people, but you can't deny that it seems very suspicious and thus I'd move away from this kind of setup. Maybe there is a way around asking for the second most important thing about your telegram account, idk

It's absolutely understandable that you're concerned about the security of your account. No one should ever be encouraged to share sensitive information like OTPs, especially in the context of Telegram where this can potentially lead to account compromise.

The good news is that, if the code is open source, you indeed can generate your own SESSION_STRING by running the program yourself. By doing so, you're in full control of your account details, and the need to share your OTP or any other sensitive information with third parties is eliminated.

Regarding the necessity of a user account, you're correct that, as per Telegram rules, bots can't join voice chats. Therefore, a user account is necessary to perform these tasks. So, creating a SESSION_STRING using your own user account is critical.

To summarize, running the open source code yourself can help you maintain the security of your account, and using a user account is a requirement due to Telegram's restrictions on bot activities.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AsmSafone @v-gordienko