Campground
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
jeffw@lemmy.world to Technology@lemmy.worldEnglish · 2 months ago

How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes

www.wired.com

external-link
message-square
12
link
fedilink
1
external-link

How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes

www.wired.com

jeffw@lemmy.world to Technology@lemmy.worldEnglish · 2 months ago
message-square
12
link
fedilink
The company behind the Signal clone used by at least one Trump administration official was breached earlier this month. The hacker says they got in thanks to a basic misconfiguration.
  • disguy_ovahea@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    Signal uses end-to-end encryption (E2EE). The only copies of messages are on the sender’s and recipient’s devices.

    https://support.signal.org/hc/en-us/articles/360007320391-Is-it-private-Can-I-trust-it#%3A~%3Atext=Signal+conversations+are+always+end%2C%2C+every+call%2C+every+time.

    • Ulrich@feddit.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      Copies of messages are also known as archives.

      • tehsYs@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        Signal does not archive messages on server side

        • Ulrich@feddit.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          2 months ago

          They weren’t talking about the server:

          This app…works in almost exactly the same way as Signal, except that it also archives copies of all the messages passing through it, shattering all of its security guarantees.

          • ShittyBeatlesFCPres@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            2 months ago

            Later in the article, it talks specifically about the server-side archives being stored in plain text. That’s why the hacker was able to access messages. This isn’t about the local copies on phones.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              0
              ·
              2 months ago

              Yeah I didn’t read past the misinformation

              • AbidanYre@lemmy.world
                link
                fedilink
                English
                arrow-up
                0
                ·
                edit-2
                2 months ago

                Kinda seems like you’re the misinformation.

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  edit-2
                  2 months ago

                  You’re confused, I am not the author of this article. I did not write the statement above, just copied and pasted it here.

                  • AbidanYre@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    0
                    ·
                    2 months ago

                    I’m not confused, you’re intentionally misreading what’s happening for some reason.

                    “Passing through it” pretty clearly refers to the server as that’s what was hacked into and had plain text archives.

                    You’re hyper fixating on the fact that the article says “the app” when referring to both the phone and server pieces to try and argue… something.

Technology@lemmy.world

technology@lemmy.world

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


  • @[email protected]
  • @[email protected]
  • @[email protected]
  • @[email protected]
Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 3.86K users / day
  • 8.64K users / week
  • 16K users / month
  • 22.9K users / 6 months
  • 1 local subscriber
  • 73.1K subscribers
  • 3.86K Posts
  • 47K Comments
  • Modlog
  • mods:
  • L3s@lemmy.world
  • enu@lemmy.world
  • Technopagan@lemmy.world
  • L4sBot@lemmy.world
  • L3s@hackingne.ws
  • L4s@hackingne.ws
  • UI: unknown version
  • BE: 0.19.12
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org