Don't worry, the CIA didn't actually crack Signal

12comments
Don't worry, the CIA didn't actually crack Signal
There's a very specific piece of news that's been doing the rounds for the past few days, disturbing the inner peace of privacy advocates. WikiLeaks released more than 8,000 classified documents on Tuesday, detailing some of CIA's hacking and surveillance methods. And while there isn't much debate, regarding the legitimacy of the documents, a lot of medias jumped to the wrong conclusions, based on the leaked information.

According to the majority of the Internet, the CIA managed to crack the encryption of several secure messaging apps, including Signal, Telegram, WhatsApp and Confide. And while WhatsApp has been under fire before, the others were generally perceived as being as secure as possible up until that point. A lot of those statements are now corrected or redacted, though, as it turns out that the apps are still as private as ever, and the breaking news turned out to be a major misconception.

The CIA could still gain access to the conversations on these apps, but not by cracking the encryption itself. What the leaked documents reveal are methods to take control of devices and use that control to spy on the communication that's running through them.

Joseph Hall, chief technologist for the Center for Democracy & Technology, provided the following easy-to-understand explanation on what's actually happening for TechCrunch:



What this means is that, no matter how secure your apps are, there are methods for a hacker to spy on them. After all, the messages you receive have to be decrypted and displayed on the screen for you to read, and a simple screenshot will provide all the information one could get via the far more costly and complicated (if not impossible) decryption.

Recommended Stories
Don't worry, though. This doesn't mean that you're powerless to stop a hacker, trying to get to your data. It only means that you should not rely on encrypted messaging apps alone if you are serious about your privacy.

“Unfortunately, you have to keep very, very good control over your phone. There's just no perfect answer in terms of being 100% unexploitable,” said Joseph Hall.

source: TechCrunch

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless