Signal says there’s “no evidence” of device-hijacking flaw
Signal has been forced to deny rumours sweeping social media that its messaging software was suffering from a serious zero-day vulnerability.
Reports spread on social media over the weekend that a flaw in the way the app generated link previews would allow attackers to take control of devices. Signal users were advised to switch off the link previews in the app’s settings to mitigate the alleged flaw.
This morning, the company has taken the unusual step of denying that the flaw exists on its own X (formerly Twitter) account.
“We have seen the vague viral reports alleging a Signal 0-day vulnerability,” the company tweeted. “After responsible investigation we have no evidence that suggests this vulnerability is real nor has any additional info been shared via our official reporting channels.”
A follow-up tweet stated: “We also checked with people across US Government, since the copy-paste report claimed USG as a source. Those we spoke to have no info suggesting this is a valid claim. We take reports to [email protected] very seriously, and invite those with real info to share it there.”
Signal’s president, Meredith Whittaker, went even further, suggesting the rumours were part of an orchestrated campaign. “WE HAVE NO EVIDENCE THAT THE REPORT IS REAL,” she tweeted. “Pls share with anyone who passed you this info. The vague and viral form of the report has the hallmarks of a disinfo campaign.”
Signal has been one of the biggest critics of the UK Government’s plans to clamp down on end-to-end encryption, as part of the recently passed Online Safety Bill. In addition, Whittaker has posted tweets in the past week that appear to be critical of Israel’s recent actions in Gaza. To be clear, we’ve seen no evidence of any link between the Signal “disinfo” and the company’s/CEO’s public statements.
NEXT UP
Hackers beware: UK data centres now have critical national infrastructure protection (CNI)
UK government beefs up national security by adding CNI status to its data centres – here’s why it should help
Hans-Martin Zogg, Business Director TPS, Leica Geosystems: “Ensuring accurate, tamper-free measurements in high-pressure environments is a complex problem”
If you’ve ever wanted to know how Olympics organisers measured distances thrown in field events, Hans-Martin Zogg, Business Director TPS, Leica Geosystems, has the answer.
Generative AI takes off in business – but don’t call it a bubble
Confused by AI? You’re not alone. Consultancies struggle to understand what’s next in AI, too