PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability.

After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels.

9
Share
Share on Mastodon
Share on Twitter
Share on Facebook
Share on Linkedin
Signal

We also checked with people across US Government, since the copy-paste report claimed USG as a source. Those we spoke to have no info suggesting this is a valid claim.

We take reports to security@signal.org very seriously, and invite those with real info to share it there. 2/

4
1y
John Livingston

@signalapp

Hi,

Could you add a link on signal.org, pointing to your Mastodon profile, with a rel="me" attribute. And then add a link to signal.org on your mastodon profile?
So that your account appears to be certified (to be sure you are not a fake account).

More info here:
joinmastodon.org/verification
("here's how" section).

0
1y
gunstick

@signalapp for sure generated by bullshit AI.

0
1y

@signalapp isn’t if funny how this unconfirmed security claim appears at the same time there was a poll on Mastodon about messaging apps in context to WhatsApp introducing ads? Signal was pointed as 1/3 alternative.

0
1y
JanGebauer

@signalapp great that you share it here as well and not only on X 👍... Many of you more security conscious users might have migrated here already (unsubstantiated claim 😉)

0
1y
Børge A. Roum

@signalapp You really need to verify your account, or move it over to your own server, if you want people to rely on posts like this! It's really easy, just do it!

0
1y
Ferdi Magellan

@signalapp

@mpesce

#signalapp

0
1y
Replies