Security News

Privacy-focused communications application Signal this week announced a new feature meant to enhance user privacy amid social turmoil in the United States: a blur tool. Available in the image editor, the functionality is meant to help protect the privacy of the people in the photos shared over Signal.

Amid nationwide protests over the death of George Floyd, secure comms biz Signal has deployed a blur tool in its messaging and calling app to allow users to obscure faces in app-captured snapshots. Since not everyone always does so, the latest versions of Signal for Android and iOS include a blur feature in the image editor menu that can be used to degrade image details.

We've never bothered with Signal for the reason that signing up means handing over your phone number. As we mentioned you don't need to use a PIN to secure your Signal account - you can just use your phone number alone, as before, or choose a proper pass-phrase that's as long as you like.

Encrypted messaging service Signal has announced the introduction of a new feature that allows users to recover their data if they switch to a new device. The new feature, Signal PINs, is based on Secure Value Recovery, which the company introduced in December, and is meant to help users import data such as profile, settings, and blocked users when switching to a new device.

The non profit organization has also announced on Tuesday a new mechanism - Signal PINs - that will, eventually, allow users not to use their phone number as their user ID. About the vulnerability. While the DNS server information cannot tell the caller where exactly the callee is located as it offers just coarse location data, according to Wells, "In instances such as Google Public DNS and others, this attack can narrow the location down to the Signal user's city due to usage of EDNS Client Subnet."

People can generally hear audio frequencies ranging from 20 Hz and 20,000 Hz, though individual hearing ranges vary. Samuel Weiler, a web security engineer with MIT CSAIL and a member of the W3C's Privacy Interest Group, recently pushed to re-open a discussion about limiting the Web Audio API so that it cannot be used to generate or listen for ultrasonic signals without permission.

Cybercriminals are increasingly peddling booby-trapped version of popular apps such as Skype and Signal that contain surveillanceware. Apurva Kumar, security intelligence engineer at Lookout, said that one such surveillanceware family that's been spotted using this tactic is Monokle, a sophisticated set of custom Android surveillanceware.

We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!

Understandably, the end-to-end encrypted messaging app Signal has been signing up new users at "Unprecedented" rates and flipping the switch on servers "Faster than we ever anticipated," Signal's Joshua Lund said last week. At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee 'best practices' that are extraordinarily unlikely to allow end-to-end encryption.

Secure messaging app developer Signal says its US operation hangs in the balance due to a proposed law in America. "Some large tech behemoths could hypothetically shoulder the enormous financial burden of handling hundreds of new lawsuits if they suddenly became responsible for the random things their users say, but it would not be possible for a small nonprofit like Signal to continue to operate within the United States," Signal's Joshua Lund said.