I feel that your post is being a bit dishonest, as it ends with the following:
> UPD: The story ended well. Vulnerability is corrected, documentation and applications are updated, treasure hunters of bugs are motivated, which has already yielded results (1, 2). It is necessary to pay tribute to the developers of Telegram, who immediately reacted to the article.
It's hard to say that it's not a mistake when the author of the article itself describes their response as "immediate".
Durov and Telegram have more or less shown their mettle; there was no money or profit in standing up to Russia, but they went ahead and did it anyways when it would have been easier to buckle. Yes, it has flaws in its implementation, but so far they've proven that when push comes to shove, they're willing to fight for their politics and to keep on fighting against such regimes. Once this changes, sure, it's fine to lay into them, but right now it really looks like they're true to their word.
> It's hard to say that it's not a mistake when the author of the article itself describes their response as "immediate".
It is an obvious backdoor.
They justified XORing an arbitrary string into the key you have established with DH with the fact that your phone may have a bad random number generator. But it obviously gains you nothing. If the server is honest, then it does not read your secret chat anyway. And if the server is malicious or compromised, it knows the string.
So even if it is possible to overlook the possibility of XORing in the difference of keys and evading MITM detection, it is very unlikely that no developer (for example, someone who coded it into the server or one of the clients) has seen that it gains you nothing in any scenario you can think about.
When users started asking the developers for an explanation in the comments, W_K (the main developer of the protocol, brother of Pavel Durov) stated that they "don't know" who added this feature in its current form. Shortly after, he stopped using his account or answering any questions at all: https://habr.com/users/W_K/
Upd: regarding the remark at the end of https://habr.com/post/206900/ that "the story ended well", the Telegram team is responsive, etc.
Keep in mind that they paid this guy. Adding such updates to articles and publicly confirming that the bug was fixed is almost surely a part of the bug bounty agreement.
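The argument in the comment above, as an added example that is not part of the thread or of Telegram's code: a simplified model in which the final key is the DH secret XORed with a server-supplied nonce, showing that comparing key fingerprints exposes a substituted DH value only when no server-chosen value is mixed into the key. The toy prime, the SHA-256 fingerprint and all function names are assumptions made for the demo.

```python
import hashlib
import secrets

# Toy group parameters, constructed for the demo (far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

def fingerprint(key: int) -> str:
    """Stand-in for the key visualisation that users compare out of band."""
    return hashlib.sha256(key.to_bytes(16, "big")).hexdigest()[:16]

def client_key(private: int, peer_public: int, server_nonce: int = 0) -> int:
    """Client-side derivation: DH secret, optionally XORed with a server nonce."""
    return pow(peer_public, private, P) ^ server_nonce

def simulate(xor_server_nonce: bool) -> dict:
    """Model a relaying server that hands its own DH value to both clients."""
    a = secrets.randbelow(P - 2) + 1   # Alice's private exponent
    b = secrets.randbelow(P - 2) + 1   # Bob's private exponent
    s = secrets.randbelow(P - 2) + 1   # server's private exponent
    pub_a, pub_b, pub_s = pow(G, a, P), pow(G, b, P), pow(G, s, P)

    # The server shares a different DH secret with each side.
    k_a = pow(pub_a, s, P)
    k_b = pow(pub_b, s, P)

    nonce_a = nonce_b = 0
    if xor_server_nonce:
        # The "difference of keys" from the comment: the second nonce cancels
        # the mismatch between the two DH secrets.
        nonce_a = secrets.randbits(127)
        nonce_b = nonce_a ^ k_a ^ k_b

    key_a = client_key(a, pub_s, nonce_a)
    key_b = client_key(b, pub_s, nonce_b)
    return {
        "fingerprints_match": fingerprint(key_a) == fingerprint(key_b),
        "server_holds_key": (k_a ^ nonce_a) == key_a == key_b,
    }

if __name__ == "__main__":
    print("plain DH:       ", simulate(xor_server_nonce=False))
    print("DH XOR nonce:   ", simulate(xor_server_nonce=True))
```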