Security: Critical Bug in Signal Messenger

in #security2 years ago


Google Project Zero researcher Natalie Silvanovich discovered a logical vulnerability in the Signal messaging app for Android that could allow malicious caller to force a call to be answered at the receiver's end without requiring his/her interaction.


The problem with Signal and other Messengers like WhatsApp/Telegram is that they're not only NOT decentralized, but they are also asking for a soft KYC in form of your Mobile Number. And in ~150 countries you have to identify yourself in order to get a Sim Card. It's a mess in my opinion.

If you're looking for a working alternative, checkout Jami. Their approach is to decentralize as much as possible! Only thing it's missing at this point are group chats, but according to the devs this feature is being worked on, and they hope to deliver at Q1 2020.

Secure & Anonymous VPN - Uploadfilter? Censorship? No Thanks!


Follow Me
🦋Twitter || ♨️Steemv|| 📺DTube || DMail



Thanks for the info. I will check out the article and Jami. I primarily use Signal but I'm not a fan of the mobile number registration. I believe that they did it in order to search through contacts on the device to discover other Signal users which seems like a bit of a expedient shortcut but not the best solution.

Interesting but I think there is still a space for centralized applications, also even if you can be identified by your number there is no way for a bad actor to read your messages. As such just knowing you sent a message doesn't help anyone much.
I will look into Jami

Posted using Partiko Android

Hi, @ash!

You just got a 0.26% upvote from SteemPlus!
To get higher upvotes, earn more SteemPlus Points (SPP). On your Steemit wallet, check your SPP balance and click on "How to earn SPP?" to find out all the ways to earn.
If you're not using SteemPlus yet, please check our last posts in here to see the many ways in which SteemPlus can improve your Steem experience on Steemit and Busy.