- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
“When you use Signal, your data is stored in encrypted form on your devices. The only information that is stored on the Signal servers for each account is the phone number you registered with, the date and time you joined the service, and the date you last logged on.”
This isn’t an ad, I wasn’t paid for this post. Just to clear the air: fuck facebook, fuck elon musk and twitter, fuck anyone who thinks this is a paid advertisement. I wish I was paid for this shit, I just wanted to spread the word. Thank you. 😀 👍
If your claim is:
Yes, there is in fact a duty to at least warn people that their very means of input is an attack vector. Yet the Signal App public-facing messaging says nothing of the sort. Instead it says:
You have to go pretty damned deep in the documentation before you finally get the tepid warning about keyboard apps. Like really deep. With no actual mitigation suggestions or recommendations. Almost as if, you know, they don’t actually give a damn.
If your target market is security professionals, this is barely forgivable since they would presumably know about attack vectors like this. This, however, is what Signal seems to view their target market as:
And I, for one, think there’s a responsibility when security pros market to normies. A responsibility which Signal App has been actively dodging (they’ve had their feet held to the fire for this from multiple sources!) for years now.
Almost as if, you know, they don’t actually give a damn.
Almost.
Sorry, but Signal is still a messenger app. They didn’t set to make a keyboard app. You are barking at the wrong tree.
Sorry, but Signal is still a messenger app. They didn’t set to make a keyboard app. You are barking at the wrong tree.