What security vulnerabilities does signal have?
Comment on The Signal and the noise: Why the messaging app is great for privacy but not for war plans.
kittenzrulz123@lemmy.blahaj.zone 1 week ago
Fundamentally the biggest security vulnerability in every peice of software is the end user. It does not matter how intelligently the software is designed, no amount of preparation can handle the users. That is not to say Signal has no security vulnerabilities but almost nothing can stop someone from inviting a random reporter (if they explicitly invited them). Furthermore I have a conspiracy theory of sorts, I dont think it was a mistake. I think Trumps own administration is trying to backstab him. Maybe they had ideas of becoming more powerful, maybe they thought Trump woupd reduce their power, but I feel that the amount of government leaks and just how complicated they are would suggest infighting.
JiminaMann@lemmy.world 1 week ago
kittenzrulz123@lemmy.blahaj.zone 1 week ago
sugar_in_your_tea@sh.itjust.works 1 week ago
The main issue I know about is in how messages are stored (the top CVE in that list). If a phone is compromised, all chat history could be exfiltrated. That’s incredibly unlikely for a regular citizen, but it’s a lot more likely for an important position like the head of the Department of Defense or something.
kittenzrulz123@lemmy.blahaj.zone 1 week ago
Im not a security researcher tbh and I havent extensively studied the security model of Signal (I use Matrix)
JiminaMann@lemmy.world 1 week ago
Hmm, last cve was in 2023…
piecat@lemmy.world 1 week ago
Yeah- that is a bit odd. Who and if not intentional, how?