Signal:They find important security flaws | Vulnerabilities in several messaging apps allowed users to eavesdrop without their permission before the person on the other end answered calls, according to Google’s Project Zero security researcher Natalie Silvanovich.
In a publication on the company's blog, the expert recalls that at the beginning of 2019 a "serious vulnerability" was detected in Group FaceTime that allowed listening to audio from another user when he has not yet accepted the video call .
Following the discovery of the FaceTime vulnerability, Project Zero found similar flaws in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha apps.
Thus, the Signal bug, which was fixed in September 2019, allowed a person to eavesdrop on the recipient’s environment, while a Google Duo glitch caused video packets to leak during unanswered calls. The Facebook Messenger vulnerability also allowed audio calls to connect before the recipient responded.
Security flaws have been corrected since then by all the platforms mentioned.At the same time, no similar problems were found in the Telegram or Viber apps, which were also investigated.