Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Contact application Remote signal, use it At least one official from the Trump administration To archive the messages, it was said that he had already suffered from violations that clarified the security defects and resulted in its mother company Implement a service pause This week, waiting for the investigation. Now, according to Detailed new results From Michel Lee’s journalist and researcher, it seems that the TM Signal archiving feature undermines the main security guarantees for the significant signal, sending messages between the application and the user’s user messages archive without a comprehensive encryption, which makes user contacts accessible to me.
Lee conducted a detailed analysis of the TM Signal Android source symbol to assess the application design and its safety. In cooperation with 404 media, he had I mentioned earlier On hacking the TM signal during the weekend, which revealed some user messages and other data – a clear sign that some data has been sent at least without coding, or as a normal text, at least some time inside the service. It seems that this alone contradicts the TELEMESSAE marketing claims that the TM signal provides “a comprehensive encryption from mobile phone to corporate archive.” But Lee says that his latest results show that the TM signal is not encrypted from run to end and that the company can reach the contents of user conversations.
“The fact that there are ordinary text records confirm my hypothesis,” says Wind. “The fact that the archive servant was very trivial for someone to penetrate it, and that the TM sign was incredible in basic security, and that was worse than I expected.”
TELEMESSAGE is an Israeli company that has completed its acquisition last year by the US -based digital communication company. Telemessge is a federal contractor, but the consumer applications it provides It has not been approved For use within the framework of the risk management and licensing program in the US government, or FedramP.
SMARSH did not return WIRED requests to comment on Lee’s results. The company said on Monday: “Telemessge is investigating a possible security accident. Upon disclosure, we acted quickly to contain it and involve the external cybersecurity company to support our investigation,” the company said on Monday.
Lee’s results are likely to be important for all Telemessge users, but it has special importance, given that the TM signal was used by President Donald Trump Mike and Taz now. It was filmed last week using the service during the cabinet meeting, and it seems that the image shows that he was communicating with other high -ranking officials, including Vice President JD Vance, the American director of national intelligence, Tulsi Gabbard, and what appears to be the US Secretary of State Marco Marco. The TM signal corresponds to the signal and the messages sent in the chat will be revealed with a person who uses the TM signal, whether all the participants use it or some use the original signal application.
Lee found that the TM signal is designed to save signal communication data in a local database on the user device and then send this to an archive server to keep it in the long run. He says the messages are sent directly to the archive server, and they seem to be the regular text chat records in the cases that were examined by Lee. He says, “He emphasized” that the archive server has access to chat records in the normal text. “
The data taken from the TELEMESSAGE archive server includes chat records, user names, normal text passwords, and even special encryption keys.
in letter On Tuesday, American Senator Ron Widen called for the Ministry of Justice to investigate medicine, claiming that it was “a serious threat to American national security.”
“I have chosen government agencies that adopted a brown archive, the worst possible choice,” Widan wrote. “They gave their users something similar to signal, which is the most widely trusted communications application. Instead, senior government officials were provided with a poor sign that constitutes a number of security and control threats.