0-click deanonymization attack targeting Signal, Discord, other platforms
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117So if you send a picture to a Signal user, it's retrieved via cloudflare, and cached in a data center near that user; now you can look up the cache status and find the data center used. I'd say "deanonymization" is stretching it, unless the user is in the middle of nowhere (no other users near the data center). But interesting writeup anyway.
loading story #42781240
loading story #42781047
loading story #42781219
loading story #42782751
loading story #42785034
loading story #42784322
loading story #42782815
loading story #42784814
loading story #42780999
loading story #42782562
loading story #42782589
loading story #42792076
loading story #42782227
loading story #42782362
loading story #42784670
loading story #42784858
loading story #42785583
> cached in a data center near that user
Not necessarily. Cloudflare is very upfront that they do not cache everything, and the time things are cached can vary greatly.
The kid keeps talking about "deanonymization" and he has no idea what the term actually means.
loading story #42783230
loading story #42781803
loading story #42783176
loading story #42789927
loading story #42794955
loading story #42785989
loading story #42795137
loading story #42791894
loading story #42788546
loading story #42790499
loading story #42783716
loading story #42787032
loading story #42785522
loading story #42782215
loading story #42787045
loading story #42792058
[dead]
loading story #42781282
loading story #42782817
loading story #42783847
loading story #42784355
loading story #42785498
loading story #42780989
loading story #42781138
loading story #42782741
loading story #42786702
loading story #42783497
loading story #42784455
loading story #42781069
loading story #42780982
loading story #42782284
loading story #42790051
loading story #42781064
loading story #42785148
loading story #42781536
loading story #42781228
loading story #42782594
loading story #42781248
loading story #42781973
loading story #42787031
loading story #42781040
loading story #42782548
loading story #42784143
loading story #42783761
loading story #42781081
loading story #42783286
loading story #42792703
loading story #42784582
loading story #42795171
loading story #42790934
loading story #42784668
loading story #42790643
loading story #42791239
loading story #42785449
loading story #42781370
loading story #42783853
loading story #42791092
loading story #42784460
loading story #42789956
loading story #42782433
loading story #42787384
loading story #42785142
loading story #42782615
loading story #42795728
loading story #42781595
loading story #42790585
loading story #42783815
loading story #42785340
loading story #42782617
loading story #42796720
loading story #42800677
loading story #42785383
loading story #42794510
loading story #42784220
loading story #42781455
loading story #42791864
loading story #42781182
loading story #42785372
loading story #42786283
loading story #42789962
loading story #42782151
loading story #42781224
loading story #42783590
loading story #42786342
loading story #42787796
loading story #42790155
loading story #42821487
loading story #42790270
loading story #42784624
loading story #42783349
loading story #42784474
loading story #42785206
loading story #42787147
loading story #42788622
loading story #42782742
loading story #42781063
loading story #42789042
loading story #42787976
loading story #42785597
loading story #42781491
loading story #42781254
loading story #42781073
loading story #42784472
loading story #42781317
loading story #42785232
loading story #42790126
loading story #42781505
loading story #42781097