お知らせ:076はゲーム開発スタジオとなる為、5月2日をもって076萌SNS及び076萌Mitraのサービスを終了致します。諏訪子様は、新しいスタッフ専用ののMitraインスタンスで引き続きフォロー出来ます。
これまで076萌SNS又は076萌Mitraをご利用頂き、誠に有難う御座いました。
Notices where this attachment appears
-
theruran 🌐🏴 (theruran@hackers.town)'s status on Thursday, 12-Jan-2023 03:27:20 JST 
theruran 🌐🏴
#Threema encrypted messenger got rekt:
In our work, we present seven attacks against the cryptographic protocols used by Threema, in three distinct threat models. All the attacks are accompanied by proof-of-concept implementations that demonstrate their feasibility in practice.
https://breakingthe3ma.app/
archived at: https://web.archive.org/web/20230111141555/https://breakingthe3ma.app/In the event an ephemeral key is exposed even once, an attacker can permanently impersonate the client to the server and then obtain all metadata in all E2EE messages. This is a remarkable shortcoming because ephemeral keys should never be able to authenticate a user. With Threema, leaking of an ephemeral key has the same effect as leaking a long-term key.
076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.
All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.