[liberationtech] Signal ignores proxy censorship vulnerability, bans researchers
Yosem Companys
ycompanys at gmail.com
Mon Feb 8 05:08:40 CET 2021
The claims in this article are concerning if true. That said, I will note
that I remain supportive of Signal's efforts, both because its founders and
key developers have not only been longtime members of our community but
also proven themselves time and again indispensable at helping high-risk
activists in need, most notably during the Arab Spring.
****
Signal, an end-to-end encrypted messaging platform was recently blocked by
the Iranian government.
To help its users bypass censorship in Iran, the company suggested a TLS
proxy workaround.
However, multiple researchers have now discovered flaws in the workaround
that can let a censor or government authority probe into Signal TLS
proxies, rendering these protections moot and potentially bringing
repercussions for Signal users located in repressive regimes.
The researchers who reported these flaws via Signal's GitHub repository
have been banned by the company with their reported issues removed.
https://www.bleepingcomputer.com/news/security/signal-ignores-proxy-censorship-vulnerability-bans-researchers/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20210207/824b0423/attachment.html>
More information about the LT
mailing list