It turns out that macOS client for the popular end-to-end encrypted messaging app Signal fails to properly delete disappearing (self-destructing) messages from the recipient’s system, leaving the content of your sensitive messages at risk of getting exposed.
For those unaware, the disappearing messages in Signal self-destruct after a particular duration set by the sender, leaving no trace of it on the receiver’s device or Signal servers.
However, security researcher Alec Muffett noticed that the messages that are supposed to be “disappearing” can still be seen—even if they are deleted from the app.
images from Hacker News
Recent Comments