[liberationtech] Signal ignores proxy censorship vulnerability, bans researchers
Myles Horton
myles at getlantern.org
Wed Feb 24 06:59:41 CET 2021
Just for the record, the people who posted the vulnerability are hardly
trollers. First, the vulnerability is obvious and doesn't really need any
formal proof. Second, one of the researchers is Sergey Frolov, one of the
top people in the field.
-Adam
On Mon, Feb 8, 2021 at 6:02 PM bo0od <bo0od at riseup.net> wrote:
> Nothing is concerned just trollers want to damage the image of signal
>
> Yosem Companys:
> > The claims in this article are concerning if true. That said, I will note
> > that I remain supportive of Signal's efforts, both because its founders
> and
> > key developers have not only been longtime members of our community but
> > also proven themselves time and again indispensable at helping high-risk
> > activists in need, most notably during the Arab Spring.
> >
> > ****
> >
> > Signal, an end-to-end encrypted messaging platform was recently blocked
> by
> > the Iranian government.
> >
> > To help its users bypass censorship in Iran, the company suggested a TLS
> > proxy workaround.
> >
> > However, multiple researchers have now discovered flaws in the workaround
> > that can let a censor or government authority probe into Signal TLS
> > proxies, rendering these protections moot and potentially bringing
> > repercussions for Signal users located in repressive regimes.
> >
> > The researchers who reported these flaws via Signal's GitHub repository
> > have been banned by the company with their reported issues removed.
> >
> >
> https://www.bleepingcomputer.com/news/security/signal-ignores-proxy-censorship-vulnerability-bans-researchers/
> >
> >
>
> --
> Liberationtech is public & archives are searchable from any major
> commercial search engine. Violations of list guidelines will get you
> moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
> change to digest mode, or change password by emailing
> lt-owner at lists.liberationtech.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20210223/d55ee2c3/attachment.htm>
More information about the LT
mailing list