Signal ignores proxy censorship vulnerability, bans researchers


Signal, an end-to-end encrypted messaging platform was recently blocked by the Iranian government.

To help its users bypass censorship in Iran, the company suggested a TLS proxy workaround.

However, multiple researchers have now discovered flaws in the workaround that can let a censor or government authority probe into Signal TLS proxies, rendering these protections moot and potentially bringing repercussions for Signal users located in repressive regimes.

The researchers who reported these flaws via Signal’s GitHub repository have been banned by the company with their reported issues removed.

Read more…