A new analysis of TM Signal’s source code appears to show that the app sends users’ message logs in plaintext. At least one top Trump administration official used the app.

  • 0_o7@lemmy.dbzer0.com
    2 days ago

    See, this reveals the flaw with privacy and security. The “protocol” may be safe and impenetrable, but the app and server can do other things that are not covered by the protocol.

    You can have everyone fooled by pointing at the protocol and the independent audits of it, but that’s not the entirety of the communication process.

    The Signal protocol might allow e2e, but what the app and server do is a completely different scenario.

    Remember this, when you call an app “safe” next time.

    • Kekzkrieger@feddit.org
      1 day ago

      Well, this isn't the fault of the protocol or Signal; since Signal is open source, everyone can modify it however they like.

      This means you could just “break” the client by deleting 100 random lines of code and recompiling so that it doesn't start up anymore (which again isn't the app's fault, but you modifying the code).

      In this way, the Israeli company changed the code of the app, effectively creating a new app that has the BASE of Signal, but is not the same.

      Since the client needs to be able to read the message, it has to decode the message, and if you extract the data there by modifying the code, nobody can prevent that because it's just bad practice.