Signal’s Messenger Eavesdropping Exploit - SaltDNA CTO Shares His Views

23/10/2019 | Daisy McElherron

On the 27th September 2019, Google Project Zero security researcher, Natalie Silvanovich, reported a bug in encrypted messaging service, Signal. According to her report, “there was a logic error in Signal that can cause an incoming call to be answered even if the user does not pick up”. The bug is reminiscent of Apple’s FaceTime bug discovered in January, which similarly allowed attackers to eavesdrop on iPhone users.

On the 27th September 2019, Google Project Zero security researcher, Natalie Silvanovich, reported a bug in encrypted messaging service, Signal. According to her report “there was a logic error in Signal that can cause an incoming call to be answered even if the user does not pick up”. The bug is reminiscent of Apple’s FaceTime bug discovered in January which similarly allowed attackers to eavesdrop on iPhone users.

The bug occured in the ‘ringing’ stage of a call, attackers press the mute button very quickly and avoid a long ring that may alert victims. The bug essentially allows a hacker to phone a target device, and then the call would be answered without the recipient needing to accept the call, therefore, allowing the hacker to listen-in on the victim. The user’s would still hear an audible ringtone or feel the phone vibrate, just as a regular Signal call. The bug only worked via Signal audicalls and not video calls, as the Signal app require users to manually enable camera access in calls.

After the bug details were made public, Signal’s creator, Moxie Marlinspike, claimed:

“The exploit does not allow an attack to silently enable the targeting device’s microphone- the victim would see on the screen that there is an ongoing call, and the call is logged in Signal’s list of conversations.”

Android users were the ones in danger of the flaw. Yet the same logical problem occured in the iOS client also, the only thing that stops the same attack on Apple’s operating system is an error in the user interface code.

How dangerous was the exploit?

Any attack that compromises the privacy of their users is regarded as a dangerous exploit. Anything that can bypass privacy measure for a service where calls are “painstakingly engineered to keep your communication safe” has to be taken seriously, claims Forbes.

However, Signal tried to reassure users that the issue was fixed on the same day the exploit took place, as claimed by Open Whisper System. A Signal spokesperson confirmedthat the fix for the bug is version 4.47.67 of the app. So as long as users ensure their app is automatically updated to the latest version as these are released, the risk of being spied upon is greatly reduced.

“This is a prime example of the dangers associated with using consumer apps, like Signal and WhatsApp. Applications such as these are open to the wider market and can be used in any way they wish. By making their global directory open, consumer messaging apps are the perfect targets for attacks such as the one that Signal suffered recently. Whilst these solutions offer encryption, it is becoming increasingly evident that encryption does not mean security in relation to communication. With the SaltDNA solution, there is no opportunity for private and confidential information and data to be compromised due to the central control and management capabilities provided to organisations who can ensure that they have full control over who accesses the system - eliminating the possibility of an attack similar to those suffered by Signal and WhatsApp.” Stated SaltDNA’s CTO, Patrick Keehan.

Signal is used by many political activists, dissidents and investigate journalists where privacy is imperative, however, such users are putting themselves at risk using these consumer apps. Furthermore, Edward Snowden, an American whistleblower who copied and leaked highly classified information from the National Security Agency, is a keen advocate for the Signal platform. He claims that he uses the encryption tool every day as he uses anything by Open Whisper Systems.

SaltDNA’s secure communications solution provides a similar experience to consumer apps in a safer, more secure manner. Organisation’s are able to take complete and centralised control of the system, control who gets access to the system and how their user’s data is being managed. This is one of many differences between SaltDNA and the likes of Signal and WhatsApp. SaltDNA offer full control to their clients and the best software solution to ensure the optimal protection when communicating trade secrets and other highly confidential and sensitive information.

If you have any questions about this article or would like to learn more about SaltDNA, please contact us on info@saltdna.com and we would be happy to assist you in any way.

About SaltDNA

SaltDNA, ranked in the top half in the Cybersecurity 500, provides a fully enterprise-managed software solution that enables absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. The SaltDNA Desktop and Mobile apps are intuitive and easy to install and use. The SaltDNA Communication Manager provides a console for tight management of users and can be configured for the management of regulatory compliance. SaltDNA is headquartered in Belfast, Ireland, for more information visit www.saltdna.com.