Login

Recent searches

No recent searches

Search options

Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

10K
active users

fosstodon.org: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

l

I tried to find when has published the most recent audit, and it turns out they either never published an audit or their code was never audited at all.

The closest thing I found is the list
community.signalusers.org/t/ov
which only cites research papers and some evidence that in 2018 Signal paid Doyensec, but nothing got published as the result. Even then, it looks like the apps were not audited for more than 5 years since then.

Signal Community · Overview of third-party security auditsNew paper from RWC 2024 demonstrating an injection attack against signals (on-device/offline) backup: paper RWC 2024 talk recording Signal already fixed this: Signal acknowledged our vulnerability and have already included hiding boundaries between ciphertexts in their v1 revision to their Android backup file format.
Feb 20, 2025, 01:38 AM·Public
13boosts·15favorites
ExploreLive feeds
About