The encrypted messaging app Signal has stopped responding to requests from Ukrainian law enforcement regarding Russian cyberthreats, a Ukrainian official claimed, warning that the shift is aiding Moscow’s intelligence efforts.
The article explains everything. The gist is Russians are targeting Ukrainians with phishing attacks via Signal. There also is the suggestion they’re exploiting the linked devices functionality, though I’m not sure how.
Because they can’t without backdooring the software? Just like they also refuse to co-operate with Swedish government and threatened to leave the market should Sweden try to force them.
You know Russian spies can also use TOR onion routing and so on.
As for phishing there is nothing Signal can do about someone scanning a signal contact sharing QR and adding it to their contracts list beyond informative “hey are you really sure, really really sure you want to add this contact”. If user trusts someone they shouldn’t, no amount of app policy protections help. Or maybe they manage to shish them to scan and approve “share account to another device”. Again nothing Signal can do about that.
Not sure. Might be political tension. Might be that phishing attacks are typically user error, and Signal feels like at a certain point it’s not their responsibility. Hard to say beyond conjecture, and I didn’t see a clear reason given in the article.
The app?
Yes.
Yes.
Damn… Hmm are they part of the US government?
The article explains everything. The gist is Russians are targeting Ukrainians with phishing attacks via Signal. There also is the suggestion they’re exploiting the linked devices functionality, though I’m not sure how.
Appreciate this, I don’t click links lol
Apparently if they can get you to scan some bogus qr code they can get you add their device to your account.
Why signal not cooperating tho? Following us government?
I strongly suggest doing so if you want to understand what the article is about
Comment section is all I need
Because they can’t without backdooring the software? Just like they also refuse to co-operate with Swedish government and threatened to leave the market should Sweden try to force them.
You know Russian spies can also use TOR onion routing and so on.
As for phishing there is nothing Signal can do about someone scanning a signal contact sharing QR and adding it to their contracts list beyond informative “hey are you really sure, really really sure you want to add this contact”. If user trusts someone they shouldn’t, no amount of app policy protections help. Or maybe they manage to shish them to scan and approve “share account to another device”. Again nothing Signal can do about that.
As long as there’s a clear confirmation dialog.
Not sure. Might be political tension. Might be that phishing attacks are typically user error, and Signal feels like at a certain point it’s not their responsibility. Hard to say beyond conjecture, and I didn’t see a clear reason given in the article.
That’s not how anything works