alt Hacker NewsI dont' believe the Signal app/network is choosing to cacheimages in a CDN?
But any user can send anyone other user a message that includes a link to a CDN-cached resource. Isn't that the "attack" here? Or am I misunderstanding?
I dont' believe the Signal app/network is choosing to cacheimages in a CDN?
But any user can send anyone other user a message that includes a link to a CDN-cached resource. Isn't that the "attack" here? Or am I misunderstanding?
Signal does cache them in a CDN. If the vulnerability was sending any link, you could just set up your own web server and get the person’s IP