this post was submitted on 03 Sep 2022
25 points (100.0% liked)

Security

5010 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS
25
submitted 2 years ago* (last edited 2 years ago) by jonesv@lemmy.ml to c/security@lemmy.ml
 

Users of the Signal messaging app got hit by a hacker attack. We analyze what happened and why the attack demonstrates that Signal is reliable.

you are viewing a single comment's thread
view the rest of the comments
[–] altair222@beehaw.org 2 points 2 years ago (1 children)

No identificators at all? Lol sure, who else is using it with you?

[–] bkrl@lemmy.ml 1 points 2 years ago (1 children)

At the moment I think more than 3000 people. Young app. Needs it to spread.

[–] nachtigall@feddit.de 4 points 2 years ago (1 children)

If it needs to spread, don't make a secret of it lol. Briar, SimpleX, something else?

[–] bkrl@lemmy.ml 3 points 2 years ago* (last edited 2 years ago) (1 children)
[–] jonesv@lemmy.ml 3 points 2 years ago (1 children)

Oh, yet another messenger that pretends that it's the only one that can prevent MITM. Abusive marketing, or plain misunderstanding of what e2ee means? Anyway I wouldn't trust them just for that.

[–] bkrl@lemmy.ml 2 points 2 years ago (1 children)

The code is open. You can check your own doubts.

[–] jonesv@lemmy.ml 3 points 2 years ago* (last edited 2 years ago) (1 children)

Not my point. Their webpage says that others (Signal included) are not protected against MITM (in the case of Signal, there is a note saying "if the server is compromised"). Which is plain wrong.

[–] bkrl@lemmy.ml 2 points 2 years ago (1 children)

Are you aware that, just to start somewhere, Signal asks (and needs) your phone number to make the service work? If you write "go to hell" to a person and two minutes later you regret it that person can accuse you with absolutely legal evidence in his or her favor. Is everything normal?

[–] jonesv@lemmy.ml 5 points 2 years ago

First, that's completely unrelated to the very concept of MITM. Second, it also shows that you have no clue about how such protocols work (in Signal, in SimpleX, or anywhere else). I really don't understand why people who are really into secure messengers often don't really care about how they actually work... I mean it is damn interesting!