Deep@mander.xyz to Technology@lemmy.worldEnglish · 5 days agoGerman members of parliament (MPs) advised to drop Signal in favor of Wire over security concernscyberinsider.comexternal-linkmessage-square39linkfedilinkarrow-up1221arrow-down114
arrow-up1207arrow-down1external-linkGerman members of parliament (MPs) advised to drop Signal in favor of Wire over security concernscyberinsider.comDeep@mander.xyz to Technology@lemmy.worldEnglish · 5 days agomessage-square39linkfedilink
minus-squareRecursiveParadox@piefed.sociallinkfedilinkEnglisharrow-up1·2 days ago But I hate how much metadata that Wire leaks. This is the first I have heard of this - can you point me to any sites?
minus-squarenymnympseudonym@piefed.sociallinkfedilinkEnglisharrow-up2·2 days ago Wire API calls use WebRTC, DTLS, SRTP, and TURN relays, which all encrypt data but leak metadata Creator, timestamp, participants, devices, and group name are stored server-side https://github.com/wireapp/wire/issues/103 Server therefore can infer who is connected to whom and which devices belong to each account https://github.com/wireapp/wire/issues/214 No mitigation from timing attacks https://www.research-collection.ethz.ch/bitstreams/669f99ed-bbdc-4818-b0b9-0519e0427d42/download
minus-squareRecursiveParadox@piefed.sociallinkfedilinkEnglisharrow-up2·1 day agoThanks for the very detailed reply! I’ll check into it.
This is the first I have heard of this - can you point me to any sites?
Thanks for the very detailed reply! I’ll check into it.