this post was submitted on 03 Sep 2022
24 points (100.0% liked)
Security
So... a bunch of Twilio employees had (and still have) exactly the capability that the attackers gained with this phishing attack. As do employees of Signal, Amazon, and various telecom companies, not to mention governments.
"Secure messenger" and "requires a telephone number" are not compatible concepts.
Following that logic, could we say that "secure messenger" and "requires a computer" are not compatible concepts, because the computer could be compromised? I mean, in the Twilio situation above, users got informed that the conversation key had changed (suggesting that they should verify the keys again if it matters to them). Now if your phone is compromised, you're screwed, whether or not your secure messenger requires a telephone number.