GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Embed Notice

HTML Code

Corresponding Notice

  1. Embed this notice
    Michał "rysiek" Woźniak · 🇺🇦 (rysiek@mstdn.social)'s status on Wednesday, 22-Jan-2025 07:33:12 JSTMichał "rysiek" Woźniak · 🇺🇦Michał "rysiek" Woźniak · 🇺🇦
    in reply to

    Technical details tl;dr:

    - Signal (and other communication platforms) uses Cloudflare with caching enabled for media

    - one can check on which Cloudflare endpoints a given attachment URL got cached (one can use a VPN for this), giving them the ability to roughly geolocate users whose Signal downloaded the file

    - a patched version of Signal (or whatever app) allows the attacker to send the message with an image, and extract the attachment URL to know what URL to check for having been cached

    In conversationabout 5 months ago from gnusocial.jppermalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.