076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 11-Jan-2023 11:21:23 JST Dan Goodin Dan Goodin

    Encrypted messenger billed as better than Signal is riddled with vulnerabilities

    This is a cautionary tale for anyone who works with crypto (as in cryptography). When you spin out your own protocols, you have a high chance of getting a critical part of it wrong. In the case of Threema, an app that's mandated for use by the Swiss Army and used by many other high-profile organizations in Euope, it got several critical parts wrong.

    Remember: don't roll your own crypto.

    Threema's case is aggravated by the unusually bold security claims it made. Pride comes before the fall, I suppose.

    https://arstechnica.com/information-technology/2023/01/messenger-billed-as-better-than-signal-is-riddled-with-vulnerabilities/

    In conversation Wednesday, 11-Jan-2023 11:21:23 JST from infosec.exchange permalink

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.