October 16, 2023 at 10:36AM
Signal denies the existence of a zero-day exploit in its encrypted chat app, dismissing viral rumors as baseless. The rumored vulnerability involves the “generate link preview” feature, which has known privacy and security risks. Signal checked with contacts within the US Government, as claimed by the report, and found no evidence supporting the claim. The feature has caused similar issues on WhatsApp.
According to the meeting notes, there were rumors of a zero-day exploit in Signal’s encrypted chat app, specifically related to the “generate link preview” feature. However, Signal has conducted an investigation and found no evidence to support these rumors. They also checked with contacts in the US Government, as the rumor claimed USG as a source, and found no information to validate the claim. Signal advises users to go to settings under their profile in Signal, navigate to chats, and deselect the “generate link preview” option to close any potential vulnerability. It is worth noting that the “generate link preview” feature has known privacy and security risks, which has been a problem for Meta’s WhatsApp platform in the past. Apple’s LockDown Mode disables the iMessage link preview feature in response to malicious targeting by surveillance spyware vendors.