However, it could put their security, privacy and safety at risk, especially for users living under authoritarian regimes in which apps like Keybase and Signal are increasingly relied on as a way to conduct conversations out of earshot of law enforcement or security services. The flaw in the encrypted messaging application ( CVE-2021-23827 ) does not expose Keybase users to remote compromise. Honestly, no one should expect the app, he is trusting, to behave erratically in a secrecy context exposing its users to a threat that: they didn’t expect, cannot prevent, and will not be notified of.A serious flaw in Zoom’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after they were supposedly deleted. “If you have reasons to worry about your personal security, we strongly recommend using only Secret Chats” When I was using Telegram Secret Chat, I was expecting it to behave like what they stated in their Wiki, the fact that it does not comply with it is something the user should be made aware of. Message will then disappear from both your and your friend’s devices.” “Messages and media files to self-destruct in a set amount of time after they have been read or opened. Especially because that is in contrast with their own design: Exportable medias in secret chat context should not be possible, or at least, not without notifying your interlocutor. Now, this bug is (in my opinion), at very least, a bad design choice. Longer timers in Secret Chats are intended for ‘self-cleaning’ communication and not to prevent pictures from being saved.”īasically, they were telling me that the bug I was reporting is an intended feature and a design choice they were aware of. “ Media sent in secret chats either without a timer or with a timer longer than 1 hour have all these options (the one that allows a media to be exported). I tried to contact Telegram in order to report this bug: Please also note that, differently from trying to take a screenshot, this action will not be notified to the other part.įor me, this bug, was an unintended behaviour since, media shared in a normal chat with the expiration time setting enabled, are correctly deleted and sharing/saving the media is prevented. If I chose the ‘save in the gallery’ option, I can easily store the media somewhere else and prevents its deletion after the expiration date. When a user sends a media file, it will be opened with the “default player/viewer” and a useful menu will appear: On the latest Telegram Android/iOS App, I discovered a nasty bug in the secret chat.
0 Comments
Leave a Reply. |