Calling it a “vulnerability” that someone with full access to an authorized device can use it to authorize another device is crazy. That’s not Signal’s issue, that’s an issue with your device security. The app has to trust the logged in user; if it doesn’t, then even displaying the data could be a breach.
Calling it a “vulnerability” that someone with full access to an authorized device can use it to authorize another device is crazy. That’s not Signal’s issue, that’s an issue with your device security. The app has to trust the logged in user; if it doesn’t, then even displaying the data could be a breach.