There's a "Signal deanonymized" thing going around:
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Stay calm. Deep breaths.
while this is a real consideration, the only thing the attacker gets from this is a very rough (kilometers or tens of kilometers radius) location
other communication platforms that use any kind of caching CDN to deliver attachments are just as affected
you almost certainly should continue to use Signal, unless you specifically know that this is a big problem for you.
@rysiek if I had a nickel for every write up I’ve read from a “15 year old who hacks big companies and builds cool stuff” that turns out to be a CVSS of √-1
@pkprotoplasm well, I disagree. This is a solid write-up and the issue *can* put (very specific) people (doing very specific things) in danger.
It's just much less of an issue that clickbaity headline and somewhat sensational claims could lead people to believe.
@rysiek Apologies, this was more a commentary on the youthful perspective’s “imaginary severity” (the 250+ km radius isn’t practically actionable in any realistic case) and not the quality of the explanations. I agree he’s a smart kid but there’s just no measurable risk there.
@pkprotoplasm heh, nothing to apologize for.