Hacker News new | past | comments | ask | show | jobs | submit login

If the crypto is solid the transport is irrelevant. This points to deeper vulnerabilities. IP networks are no safer than SMS.



I realize this was a use of sending short authentication codes by SMS, but at 160 characters the crypto can't be solid, if somebody decided to implement proper public/private key over it. So the transport is definitely a problem.


Signal was originally TextSecure, there was no problem with its message security. Plenty of meta data problems though. If you still need to send secure SMS there is a fork at https://silence.im.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: