CyberSecurity news

FlagThis - #signal

@arstechnica.com //

Signal Blocks Microsoft Recall Over Privacy Concerns

Signal, the privacy-focused messaging application, has taken action to block Microsoft's controversial Recall feature from capturing screenshots of its desktop app content on Windows 11. Citing privacy concerns over Recall's ability to automatically take screenshots of on-screen activity, Signal has implemented a "screen security" setting, enabled by default, that leverages Digital Rights Management (DRM) to prevent the tool from accessing and recording private conversations. This move comes as Signal expresses discontent with Microsoft's approach, arguing that Recall lacks sufficient developer controls to exclude specific apps and protect sensitive information.

Microsoft's Recall feature, designed for Copilot+ PCs, works by continuously taking screenshots and creating a searchable database of user activity. Signal argues that this poses a significant risk to the privacy of its users, as private conversations could be inadvertently captured and stored. By implementing DRM, Signal sets a flag on its application window that instructs Recall, and any other screenshotting application, to ignore its content. While Signal acknowledges this is a blunt tool that may interfere with accessibility software, it believes Microsoft left them with no other choice.

Signal has criticized Microsoft for not providing developers with the necessary tools to manage how Recall interacts with their applications. The messaging app argues that it shouldn't have to resort to using DRM "content protection hacks" to safeguard user privacy. Signal hopes that AI teams building systems like Recall will carefully consider the privacy implications and avoid forcing apps to use workarounds to protect the integrity of their services. They want the AI teams to know that this will potentially affect accessibility options like screen readers.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • security ? Ars Technica: “Microsoft has simply given us no other option,†Signal says as it blocks Windows Recall
  • The Register - Software: Signal shuts the blinds on Microsoft Recall with the power of DRM
  • www.techradar.com: Signal blasts Microsoft over Recall privacy failings, as secure messaging app is forced to fudge a way of blocking the controversial Windows 11 feature
  • Dropsafe: By Default, Signal Doesn’t Recall | Signal Windows app leverages DRM content protection hacks to hide messages from Windows Recall
  • Dan Goodin: Signal writes: "We hope that the AI teams building systems like Recall will think through these implications more carefully in the future. Apps like Signal shouldn’t have to implement “one weird trick†in order to maintain the privacy and integrity of their services without proper developer tools. People who care about privacy shouldn’t be forced to sacrifice accessibility upon the altar of AI aspirations either."
  • www.bleepingcomputer.com: Signal now blocks Microsoft Recall screenshots on Windows 11
  • CyberInsider: Signal Deploys Countermeasure to Shield Messages from Windows Recall
  • securityaffairs.com: New Signal update stops Windows from capturing user chats
  • Schneier on Security: Signal Blocks Windows Recall
  • cyberinsider.com: Signal Deploys Countermeasure to Shield Messages from Windows Recall
Classification:
  • HashTags: #Signal #MicrosoftRecall #Privacy
  • Company: Microsoft
  • Target: Signal users
  • Product: Windows Recall, Signal
  • Feature: Privacy Blocker
  • Type: ProductUpdate
  • Severity: Medium
Pierluigi Paganini@Security Affairs //

Hacker Stole Data From Modified Signal Provider

A hacker has successfully breached TeleMessage, an Israeli company that provides modified versions of secure messaging apps such as Signal, WhatsApp and Telegram to the U.S. government. The breach resulted in the exfiltration of sensitive data, including archived messages from these modified apps. TeleMessage has suspended all services and is currently investigating the incident. The breach highlights the vulnerabilities associated with modifying secure messaging applications, especially concerning the preservation of end-to-end encryption.

The compromised data includes the contents of direct messages and group chats, as well as contact information for government officials. 404 Media reported that the hack exposed data related to U.S. Customs and Border Protection (CBP), the cryptocurrency exchange Coinbase, and several other financial institutions. The hacker claimed the entire process of accessing TeleMessage’s systems took only 15-20 minutes, underscoring the ease with which the security was circumvented. Despite the breach, there are reports that messages from top US government officials and cabinet members were not compromised.

TeleMessage, which was recently in the spotlight after former U.S. National Security Advisor Mike Waltz was seen using their modified version of Signal, offers archiving services for messages. However, the hack revealed that the archived chat logs were not end-to-end encrypted between the modified app and the ultimate archive destination controlled by the TeleMessage customer. Smarsh, the parent company of TeleMessage, has engaged an external cybersecurity firm to support the investigation and has temporarily suspended all TeleMessage services as a precaution. A Coinbase spokesperson stated that the company is closely monitoring the situation, but has not found any evidence of sensitive customer information being accessed or accounts being at risk.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • securityaffairs.com: SecurityAffairs: A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov
  • Talkback Resources: A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov [app]
  • www.techradar.com: TeleMessage, the Signal-esque app used by the Trump administration, has been hacked
  • www.metacurity.com: A hacker stole content from the Telemessage system used by the US government
  • TechCrunch: TeleMessage, a modified Signal clone used by US govt. officials, has been hacked
  • The DefendOps Diaries: TeleMessage Breach: Unveiling the Risks of Modified Secure Messaging Apps
  • techcrunch.com: TeleMessage, a modified Signal clone used by US government officials, has been hacked
  • Risky Business Media: Trump admin’s Signal clone gets hacked, messages exposed
  • The Register - Security: Signal chat app clone used by Signalgate's Waltz was apparently an insecure mess
  • siliconangle.com: The security of U.S. government officials’ communications has come under the spotlight again after a modified Signal app used to archive data from third-party messaging apps was hacked in less than 30 minutes.
  • WIRED: Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked
  • CyberInsider: Signal Clone App Used by Trump Officials Breached in Minutes
  • Metacurity: Criminal scam network run by Darcula exposed by journalists, DragonForce takes credit for Co-op attack, NoName attacked Romanian gov't websites on election day, US indicts Black Kingdom ransomware dev, Trump wants to slash nearly $500m from CISA, Qilin claims Cobb Co. attack, much more
  • arstechnica.com: TeleMessage, a company that provides modified versions of Signal for message archiving, has suspended its services after a reported hack, exposing communications from U.S. government officials.
  • hackread.com: TM SGNL, a chat app by US-Israeli firm TeleMessage used by Trump officials, halts operations after a breach…
  • www.404media.co: A hacker has exploited a vulnerability in TeleMessage, a company that provides modified versions of encrypted messaging apps, to extract archived messages and data related to U.S. government officials and companies that used the service, according to a report by 404 Media.
  • www.csoonline.com: The Israeli company behind the obscure messaging app former US national security advisor Mike Waltz was photographed using on his iPhone last week was recently hacked, it has been alleged.
  • Metacurity: You ask yourself how the Trump administration's insane messing around with the Signal app and its clones could get any worse, and then the universe tells you how. The Signal Clone the Trump Admin Uses Was Hacked
  • Dropsafe: US Gov’t Signal-clone with backdoor for message retention, hacked, messages leaked | …I really hope #Ofcom are watching re: the impact of proposed client side scanning
  • BleepingComputer: Unofficial Signal app used by Trump officials investigates hack
  • arstechnica.com: Signal clone used by Trump official stops operations after report it was hacked
  • securityaffairs.com: A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov
  • go.theregister.com: Signal chat app clone used by Signalgate's Waltz was apparently an insecure mess
  • iHLS: Israeli Encrypted Messaging Archiving Platform Used by U.S. Officials Compromised in Cyberattack
  • www.insicurezzadigitale.com: Clonazione di Signal: sospesa dopo hacking un’app utilizzata da un ex funzionario dell’amministrazione Trump
  • bsky.app: TeleMessage, the Signal clone used by US government officials, suffers hack
  • Privacy ? Graham Cluley: TeleMessage, the Signal clone used by US government officials, suffers hack
  • WIRED: The Signal clone Mike Waltz Was Caught Using Has Direct Access to User Chats
  • www.wired.com: Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked
  • WIRED: Customs and Border Protection Confirms Its Use of Hacked Signal Clone TeleMessage
  • Metacurity: TeleMessage suspends service following reported hack
Classification:
  • HashTags: #DataBreach #TeleMessage #Signal
  • Company: TeleMessage
  • Target: TeleMessage, U.S. Government
  • Product: TeleMessage
  • Feature: Data Theft
  • Type: DataBreach
  • Severity: Medium

Posts

Blogs

Research Tools