If someone wants to leak me a copy of this app (either .apk or .ipa), please reach out on Signal — my username is zackwhittaker.1337 — and I would be keen to run this app through Burp Suite to see how it works. Happy to grant anonymity.
Replies:
10
Boosts:
6
@zackwhittaker
I sent you the public one if it's useful. If not, please ignore. Either way, enjoy.
@zackwhittaker any other means with proper E2EE?
Like #deltaChat / @delta or #PGP/MIME eMail or #XMPP+#OMEMO?
Cuz anyone I could imagine isn'f gonna use a service like #Signal that depends for it's existance (due to hard #LockIn on #AWS) to piss off the #US government which can unplug and kill it anytime due to #CloudAct!
@zackwhittaker Looks like the copy Thereallo analyzed in April didn't even have certificate pinning.
@zackwhittaker
From the article the app may be the same as the public one (tbc) which is probably easier to get hold of.
"
While the instructions to install the administration’s app on government phones may sound like a way to simply communicate with the government workforce more directly, “this isn’t really operational,” former government tech official David Nesting told Government Executive, pointing to the fact that it’s the same app available to the general public.
"
@ThomasPonnet yes! if the app (to be installed ~next week) on federal phones is same specific version as the app in the public app stores, then that's also fine. i'm keen to make sure i have the exact app (for verification) to run it again, and not an old version, for example.
The quest to completely politicize the American public service continues.
@zackwhittaker If they go through with this nonsense, I fully expect the Iranians to put out a series of social-media posts with over-the-top praise for The Donald, in the hope that he reposts it along with with malware it would probably contain.
@zackwhittaker you have to be kidding me... this is NOT going to end well...
@zackwhittaker is burp suite an emulator of mobile OSs? Never heard of it before.
