The desktop app still has the vulnerability that was disclosed in 2018. It's not a direct vulnerability in the encryption that Signal uses but if you can get access to someone's computer with malicious software or physical access you can mirror their signal app.
https://www.bleepingcomputer.com/news/security/signal-desktop-leaves-message-decryption-key-in-plain-sight/
The hand waving from Meredith Whitaker saying it's not a problem was odd.
Hmmm. I hadn't realised that exploit was so old. Definitely odd.
Please Login to reply.
No replies yet.
