MAGA-Themed Messaging App Converso Leaks Users' Phone Numbers Despite Security Claims
By e_daigle
Summary
The article details a security vulnerability in Converso, a MAGA-themed messaging app that claimed to offer state-of-the-art end-to-end encryption and no metadata collection. Despite these security claims, a security researcher discovered that the app was leaking users' phone numbers due to basic security flaws. The article examines how the app's developers, who lacked mobile app development experience, created an insecure application that exposed user data, highlighting the dangers of security claims without proper implementation.
Key quotes
Neither of us had prior experience developing mobile apps, but we thought, 'Hey, we're both smart. This shouldn't be too difficult.'
Converso made some pretty impressive claims about its security: it claimed to implement state of the art end-to-end encryption, to collect no metadata, and to use a decentralized architecture that involved no servers at all.
Unfortunately, security researcher crnković did some basic reverse engineering and traffic analysis...
You can be, do, and have whatever you want, except for not spilling user information
