3. Messenger billed as better than Signal is riddled with vulnerabilities. Threema ...

Messenger billed as better than Signal is riddled with vulnerabilities. Threema comes with unusually strong claims. They crumble under new research findings.

Academic researchers have discovered serious vulnerabilities in the core of Threema, an instant messenger that its Switzerland-based developer says provides a level of security and privacy “no other chat service” can offer. Despite the unusually strong claims and two independent security audits Threema has received, the researchers said the flaws completely undermine assurances of confidentiality and authentication that are the cornerstone of any program sold as providing end-to-end encryption, typically abbreviated as E2EE…

Researchers from the Zurich-based ETH research university reported on Monday that they found seven vulnerabilities in Threema that seriously call into question the true level of security the app has offered over the years. Two of the vulnerabilities require no special access to a Threema server or app to cryptographically impersonate a user. Three vulnerabilities require an attacker to gain access to a Threema server. The remaining two can be exploited when an attacker gains access to an unlocked phone, such as at a border crossing…

Click thru for more!

/r/privacy Thread Link - arstechnica.com
Previous
Next

Recently removed from /r/privacy

The DEA Quietly Turned Apple’s AirTag Into A Surveillance Tool Six urgent questions TikTok’s CEO needs to answer for US lawmakers. Stakes are high for the app’s US future with the administration pushing for Chinese owners to sell their shares in the firm. this guy I'm doing business with pulled up all my info somehow.. (ssn, addresses, even phone carrier) How accurate is IP address? What’s the best app to use on mobile for secure and private messaging ? Amazon's empire of surveillance: Through recent billion-dollar acquisitions of health care services and smart home devices, the tech giant is leveraging its monopoly power to track 'every aspect' of our lives Why is Android Firefox Nightly frequently connecting to location.services.mozilla.com even with Location disabled in phone, app settings, and permissions? EU chat control bill: fundamental rights terrorism against trust, self-determination and security on the Internet California Targets Loud Exhaust with Sound-Activated Camera Enforcement EcoVacs Deebot Vaccum cleaner / app scanning my internal network addresses. How about this for privacy? Samsung says it can remotely disable stolen TVs Question: If a hacker were using an IMSI device, or exploiting the SS7 vulnerability to listen to your phone calls — would changing your phone # cut off their access? FBI and AFP created an "anonymous and secure" messaging app to collect messages from criminals Tool for deleting old social media posts - seems to work but not open source - any thoughts?

More Random Comments

"Colonialism stole our Holy Genders" Morbius Delayed by a week why is the big brother fanbase so hateful Day One. Again and again and again... Suggested threesome to wife, lead to huge fight and now she’s talking about divorce, just need help/advice What did you add to or removed from your shelf last month? (May, 2021) Why has the military so much more trusted by the public than other government institutions? My(13f) parents(mid 40s) took off my door 6 months ago and it’s driving me insane. My problem with locking mechanics behind quests. Rider licenziato per aver strappato biglietto inneggiante a Mussolini, la piattaforma lo reintegra: "Aderiamo alla Carta di Bologna" It's real Where is the best place to keep my money when saving up for a real estate investment Truer words were never spoken ... ‘He was suffering from Modism’, ‘gaumuthra drinking sanghii’: Minutes after Rohit Sardana’s death, Islamists vandalise his Wikipedia page Boyfriend Told Me to Lose Weight Even Though I’m Healthy