Signal may silently fall back to "unsealed sender" messages if server returns 401 (2024)
a year ago
- #Bug
- #Signal
- #Security
- Bug report highlights an issue with Signal's SealedSender functionality.
- Server returning status 401 can force client to switch to fallback SealedSenderAccess.
- No fallback exists for individual chats without shared groups.
- For other chats, multiple fallbacks may be available until null fallback is reached.
- Null fallback redirects the message to the authenticated web socket without SealedSender, potentially disabling SealedSender.
- Malicious server could selectively disable SealedSender by returning 401 for specific messages.
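
A minimal model of the fallback chain summarized above, added here as an illustration and not taken from Signal's code; `send_with_fallback`, `SendResult`, the `strict` flag and the sample server are hypothetical names. It shows a client recording which sealed attempts were answered with 401 and, in strict mode, refusing the unsealed path instead of taking it silently.

```python
from dataclasses import dataclass, field
from typing import List, Optional

@dataclass
class SendResult:
    sealed: bool                    # True if delivered with SealedSender
    access_used: Optional[str]      # access that succeeded (None = unsealed)
    rejected: List[str] = field(default_factory=list)  # accesses answered with 401

class SealedSenderDowngrade(Exception):
    """Raised in strict mode instead of sending unsealed."""

def send_with_fallback(message, access_chain, server, strict=False):
    """Try each access in order (primary first, then fallbacks).
    Running off the end of the chain models the null fallback."""
    rejected = []
    for access in access_chain:
        status = server(message, access)      # sealed attempt
        if status == 200:
            return SendResult(True, access, rejected)
        if status != 401:
            raise RuntimeError(f"send failed with status {status}")
        rejected.append(access)               # 401: move to the next fallback
    if strict:
        raise SealedSenderDowngrade(
            f"{len(rejected)} sealed attempt(s) rejected with 401")
    status = server(message, None)            # authenticated socket, sender visible
    if status != 200:
        raise RuntimeError(f"send failed with status {status}")
    return SendResult(False, None, rejected)

def selective_server(target):
    """Constructed server model: 401 on every sealed send to `target`."""
    def handle(message, access):
        if access is not None and message["to"] == target:
            return 401
        return 200
    return handle

if __name__ == "__main__":
    server = selective_server("alice")
    chain = ["access-key", "group-token"]     # constructed sample values
    for to in ("bob", "alice"):
        r = send_with_fallback({"to": to, "body": "hi"}, chain, server)
        print(to, "sealed" if r.sealed else "UNSEALED", "401s:", r.rejected)
```

A result with `sealed` false and a non-empty `rejected` list is the case the report describes; a client can surface or log it rather than treating the send as an ordinary success.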