Comment

Comment on How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes

<- View Parent

tehsYs@discuss.tchncs.de ⁨2⁩ ⁨days⁩ ago

Signal does not archive messages on server side

source

Sort:hotnew top

Ulrich@feddit.org ⁨2⁩ ⁨days⁩ ago
They weren’t talk about the server:

This app…works in almost exactly the same way as Signal, except that it also archives copies of all the messages passing through it, shattering all of its security guarantees.

source
- ShittyBeatlesFCPres@lemmy.world ⁨2⁩ ⁨days⁩ ago
  Later in the article, it talks specifically about the server-side archives being stored in plain text. That’s why the hacker was able to access messages. This isn’t about the local copies on phones.
  
  source
  - Ulrich@feddit.org ⁨2⁩ ⁨days⁩ ago
    Yeah I didn’t read past the misinformation
    
    source
    AbidanYre@lemmy.world ⁨2⁩ ⁨days⁩ ago
    Kinda sounds like you’re the misinformation.
    
    source
    -> View More Comments
    doodledup@lemmy.world ⁨2⁩ ⁨days⁩ ago
    Maybe you should start reading up on stuff you don’t know about before adding nonsense to internet threads.
    
    source
    -> View More Comments
- OmegaSunkey@ani.social ⁨2⁩ ⁨days⁩ ago
  It’s why Molly has local database encryption.
  
  source
  - 0xD@infosec.pub ⁨2⁩ ⁨days⁩ ago
    That doesn’t really do anything. Attackers need local access to the device to get the database itself. Chances are, they’ll get the key right with it.
    
    source
    HappyTimeHarry@lemm.ee ⁨2⁩ ⁨days⁩ ago
    Molly encrypts it using a passphrase instead of a locally stored key for exactly that reason.
    
    source
    -> View More Comments
- disguy_ovahea@lemmy.world ⁨2⁩ ⁨days⁩ ago
  The only backup option I see for Signal is through Android, but it’s optional. There is no backup support for iOS or desktop.
  
  …signal.org/…/360007059752-Backup-and-Restore-Mes…
  
  source