It’s been a while since I wrote something here… Let’s dig an iceberg of “security in general” again. This is a very brief review that is using Telegram mobile application, which connects through the mobile network to a remote server, just as an example. The attack surface may be different for you, but it can still contain the same basic elements (not always). Application layer (Telegram app) Libraries OS + backups Device + GSM stack Network layers API service + some backend Third-party services 1.