Signal also checked with US government sources about the alleged flaw, which cropped up over the weekend, but says those 'we spoke to have no info suggesting this is a valid claim.'
Otter
link
fedilink
361Y

TLDR: Person posted about a tip, Signal investigated, turns out claim was unfounded and person took down post and apologized.

Issue was thought to be with the link previews


The rumors about an unknown vulnerability impacting Signal started when certain users on X, including @gaughen, posted about it, claiming that he had received a tip on its existence. Other sources pointed to U.S. Cyber Command as being the original source of the zero-day without providing any evidence.

Gaughen’s post on X claimed that the vulnerability related to the ‘Generate link previews’ feature, accessible through Settings → Chat, suggesting that everyone disables it to prevent becoming a victim. However, no further details about the alleged flaw, or other information about its exploitation were provided in that post.

Signal says claims unfounded

In a public service announcement published on X earlier today, Signal informed its userbase that after investigating the unfounded claims, it has found no actual information or evidence proving the existence of a zero-day relating to ‘Generate link previews.’

The platform also contacted people from USCYBERCOM, which was rumored to have more info on the subject, and received assurances that the agency holds no such info. Signal’s president, Meredith Whittaker, even went as far as characterizing the report as a typical example of a disinformation campaign, being purposefully vague while carrying enough clues to go viral.

Today, Gaughen deleted his original tweet about the zero-day vulnerability and posted an apology to his followers, saying that “the information he had been given earlier was false,” and there’s no zero-day on Signal relating to link previews.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.13K Posts
  • 78.3K Comments
  • Modlog