Would this be just marketing, or a real threat for double ratchet encryption? This sound really sad if true. Not sure if Signal has anything to comment about this announcement…
This is absolutely not a threat to the in flight messages of Signal. Basically, what they claim is that if they can break into your phone, they can read your stored message, which is absolutely not new since you can just open the App and access everything ^^.
Hmm, according to this subreddit, it looks more like marketing, since it seems they can get to your messages if having physical access to your phone, and if having root access t it, given an original but removed post cached in:
I really hope that’s the case, and also that even by having physical access, but if the phone is encrypted, then it’s somehow safe, in case of being stolen or the likes…
The whole claim that this company can “hack” the app sounds completely trumped up to me.
Tweets from the creator of Signal:
From Edward Snowden:
Delete in one hour->problem solved
“No, Cellebrite cannot decrypt Signal communications. What they sell is a forensic device cops connect to insecure, unlockable phones to download a bunch of popular apps’ data more easily than doing it manually. They just added Signal to that app list. That’s it. There’s no magic.” -@snowden on twitter
What doesn unlockable means BTW? unencrypted? To install Lineage for example, one needs to unlock the bootloader. Is that the unlocking mentioned, or something else?
I think it refers to the operating systems locking mechanism (what you do on boot to unencrypt/unlock your phone). Basically if you don’t add a password lock to your phone or make your phone password 1234 it doesn’t matter how secure the apps and protocols are, you’re fucked at the access point.
Snowden seems to mean just the lock on the phone i.e. a PIN number.
Cellebrite is such a big brain company, they amaze me. They can hack iPhones though, but not some of the best Androids. Now they come up with this Signal lie.
They are one mixed bag.
it was useless, now it useless and hacked