PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability.
After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels.
We also checked with people across US Government, since the copy-paste report claimed USG as a source. Those we spoke to have no info suggesting this is a valid claim.
We take reports to [email protected] very seriously, and invite those with real info to share it there. 2/
Hi,
Could you add a link on signal.org, pointing to your Mastodon profile, with a rel="me" attribute. And then add a link to signal.org on your mastodon profile?
So that your account appears to be certified (to be sure you are not a fake account).
More info here:
https://joinmastodon.org/verification
("here's how" section).
@John_Livingston @signalapp You've tweeted your handle once, but verifying your account would be waaay better.
@signalapp Please verify your profile on Mastodon, and maybe mention on it on your website too.
The only official resource that I found linking this account to signal.org is this tweet from the official X/Twitter account and Twitter is not very reliable these days :/
@photovince Nice 🎉
They weren't verified at that time but this is great!
@Oozenet if that's what happened, then it's taking a slightly older vuln and misunderstanding it as a new vuln, then creating a rumor around it. In which case the rumor is erroneous, yeah, and Signal is correct that there's no "link preview vuln" as claimed.
Hope that helps in understanding.
speech
Signal
Draken BlackKnight
marcel
John Livingston
D S
Katzentratschen
Glyph
Chris Renfrow
Aravinth Manivannan
Vincent 🌻🇪🇺 en 🌹☘️
Thaiis Thei 𓁟
Myrion
gunstick
JanGebauer
Børge
Many Colors, Many Forms, Many Flavors, Maybe More
Ferdi Magellan
DJ Calamus 