create account

Security: Critical Bug in Signal Messenger by ash

View this thread on: hive.blogpeakd.comecency.com
security · @ash ·
$0.93
Security: Critical Bug in Signal Messenger
![image.png](https://files.steempeak.com/file/steempeak/ash/U3TSI7kL-image.png)

> Google Project Zero researcher Natalie Silvanovich discovered a logical vulnerability in the Signal messaging app for Android that could allow malicious caller to force a call to be answered at the receiver's end without requiring his/her interaction.

Sources:
* https://thehackernews.com/2019/10/signal-messenger-bug.html
* https://bugs.chromium.org/p/project-zero/issues/detail?id=1943

-----

The problem with Signal and other Messengers like WhatsApp/Telegram is that they're not only NOT decentralized, but they are also asking for a soft KYC in form of your Mobile Number. And in ~150 countries you have to identify yourself in order to get a Sim Card. It's a mess in my opinion. 

If you're looking for a working alternative, checkout [Jami](https://jami.net/). Their approach is to decentralize as much as possible! Only thing it's missing at this point are group chats, but according to the devs this feature is being worked on, and they hope to deliver at Q1 2020.

-------------
[![](https://i.imgur.com/S5Z1jNr.png)](https://smarturl.it/securevpn)
[Secure & Anonymous VPN - Uploadfilter? Censorship? No Thanks!](https://smarturl.it/securevpn)

### [💸BUY STEEM💸](https://smarturl.it/binance)

Follow Me
[🦋Twitter](https://twitter.com/btsfav) || [♨️Steem](https://steempeak.com/@ash)v|| [📺DTube](https://d.tube/#!/c/ash) || [DMail fav.id](https://app.dmail.online)

*[Image/Pixabay](https://pixabay.com/illustrations/communication-phone-call-message-1015376/)*
👍  , , , , , , , , , , , , , , , , , , , , , , , , , ,
properties (23)
authorash
permlinksecurity-critical-bug-in-signal-messenger
categorysecurity
json_metadata{"app":"steempeak/1.17.1","format":"markdown","tags":["security","signal","messenger","jami","palnet","stem"],"users":["ash"],"links":["https://thehackernews.com/2019/10/signal-messenger-bug.html","https://bugs.chromium.org/p/project-zero/issues/detail?id=1943","https://jami.net/","https://smarturl.it/securevpn","https://smarturl.it/securevpn","https://smarturl.it/binance","https://twitter.com/btsfav","/@ash","https://d.tube/#!/c/ash","https://app.dmail.online"],"image":["https://files.steempeak.com/file/steempeak/ash/U3TSI7kL-image.png","https://i.imgur.com/S5Z1jNr.png"]}
created2019-10-06 09:06:15
last_update2019-10-06 09:06:15
depth0
children3
last_payout2019-10-13 09:06:15
cashout_time1969-12-31 23:59:59
total_payout_value0.471 HBD
curator_payout_value0.458 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length1,554
author_reputation286,803,743,324,398
root_title"Security: Critical Bug in Signal Messenger"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id91,277,305
net_rshares3,835,923,401,998
author_curate_reward""
vote details (27)
@blackfireburn · 
Interesting but I think there is still a space for centralized applications, also even if you can be identified by your number there is no way for a bad actor to read your messages. As such just knowing you sent a message doesn't help anyone much.
I will look into Jami
thanks

Posted using [Partiko Android](https://partiko.app/referral/blackfireburn)
properties (22)
authorblackfireburn
permlinkblackfireburn-re-ash-security-critical-bug-in-signal-messenger-20191006t104330078z
categorysecurity
json_metadata{"app":"partiko","client":"android"}
created2019-10-06 10:43:30
last_update2019-10-06 10:43:30
depth1
children0
last_payout2019-10-13 10:43:30
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length352
author_reputation12,976,827,188
root_title"Security: Critical Bug in Signal Messenger"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id91,279,221
net_rshares0
@dmwh ·
$0.04
Thanks for the info.  I will check out the article and Jami.  I primarily use Signal but I'm not a fan of the mobile number registration.  I believe that they did it in order to search through contacts on the device to discover other Signal users which seems like a bit of a expedient shortcut but not the best solution.
👍  
properties (23)
authordmwh
permlinkre-ash-pyyrju
categorysecurity
json_metadata{"tags":["security"],"app":"steempeak/1.17.1"}
created2019-10-06 17:36:12
last_update2019-10-06 17:36:12
depth1
children0
last_payout2019-10-13 17:36:12
cashout_time1969-12-31 23:59:59
total_payout_value0.019 HBD
curator_payout_value0.018 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length320
author_reputation1,938,573,967,016
root_title"Security: Critical Bug in Signal Messenger"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id91,289,187
net_rshares201,965,912,472
author_curate_reward""
vote details (1)
@steem-plus ·
SteemPlus upvote
Hi, @ash!

You just got a **0.26%** upvote from SteemPlus!
To get higher upvotes, earn more SteemPlus Points (SPP). On your Steemit wallet, check your SPP balance and click on "How to earn SPP?" to find out all the ways to earn.
If you're not using SteemPlus yet, please check our last posts in [here](https://steemit.com/@steem-plus) to see the many ways in which SteemPlus can improve your Steem experience on Steemit and Busy.
properties (22)
authorsteem-plus
permlinksecurity-critical-bug-in-signal-messenger---vote-steemplus
categorysecurity
json_metadata{}
created2019-10-07 07:12:06
last_update2019-10-07 07:12:06
depth1
children0
last_payout2019-10-14 07:12:06
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length430
author_reputation247,952,188,232,400
root_title"Security: Critical Bug in Signal Messenger"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id91,307,702
net_rshares0
Help/Feedback