Sofia Celi

Abstract. Signal is a secure messaging app offering end-to-end security for pairwise and group communications. It has tens of millions of users, and has heavily influenced the design of other secure messaging apps (including WhatsApp). Signal has been heavily analysed and, as a result, is rightly regarded as setting the “gold standard” for messaging apps by the scientific community. We present two practical attacks that break the integrity properties of Signal in its advertised threat model. Each attack arises from different features of Signal that are poorly documented and have eluded formal security analyses. The first attack, affecting Android and Desktop, arises from Signal’s introduction of identities based on usernames (instead of phone numbers) in early 2022. We show that the protocol for resolving identities based on usernames and on phone numbers introduced a vulnerability that allows a malicious server to inject arbitrary messages into one-to-one conversations under specific circumstances. The injection causes a user-visible alert about a change of safety numbers, but if the users compare their safety numbers, they will be correct. The second attack is even more severe. It arises from Signal’s Sealed Sender (SSS) feature, designed to allow sender identities to be hidden. We show that a combination of two errors in the SSS implementation in Android allows a malicious server to inject arbitrary messages into both one-to-one and group conversations. The errors relate to missing key checks and the loss of context when cryptographic processing is distributed across multiple software components. The attack is undetectable by users and can be mounted at any time, without any preconditions. As far as we can tell, the vulnerability has been present since the introduction of SSS in 2018. We disclosed both attacks to Signal. The vulnerabilities were promptly acknowledged and patched: the first vulnerability was fixed two days after disclosure, while the second one was patched after eight days. Beyond presenting these devastating attacks on Signal’s end-to-end security guarantees, we discuss more broadly what can be learned about the challenges of deploying new security features in complex software projects.

Image showing part 2 of abstract.

Signal Lost (Integrity): The Signal App is More than the Sum of its Protocols (Kien Tuong Truong, Noemi Terzo, Kenneth G. Paterson) ia.cr/2026/484

It's RWC. So follow online with @durumcrustulum.com ....

US Defense Secretary Pete Hegseth made comments about “stupid rules of engagement” on Monday, suggesting they may interfere with “fight[ing] to win” in Iran. www.hrw.org/news/2026/03...

In addition to the many things I didn't like about the Natural History Museum in London, one thing I especially disliked is a huge wall given to showing *constellations* (or, as I prefer to think of them, "old-school hallucinations"). Let's have some actual science, people.

Google with AI buttons

Google without AI buttons

I made a filterlist for uBlock Origin to remove Generative AI features on websites. Includes blocks for
* Google AI Summaries
* YouTube Ask button & chat summaries
* GitHub Copilot
* Facebook AI chat
* X's Grok buttons
* Deviantart DreamUp
* Booru AI images
* And more

github.com/Stevoisiak/S...

Defend Privacy and Free Speech Don’t let tyrants co-opt tech. Join EFF and help fight back.

Do you love free speech, right to repair, and open source tech? If so, you should become a member of EFF today! eff.org/join

So-called 'nudify' apps. Smart glasses that secretly record video. An explosion in sexualised deepfakes.

Tech has turned against women, and it's time to regulate it properly, says author and gender equality campaigner Laura Bates.

Read more: ft.trib.al/Z3gd5bP

GDB will now have a save history command to save the command history to a file whenever you want.

This is cool as I usually need to manually copy-paste commands anyway because GDB tends to crash during my debugging sessions.

Hackers Expose Age-Verification Software Powering Surveillance Web Three hacktivists tried to find a workaround to Discord’s age-verification software. Instead, they found its frontend exposed to the open internet.

Hacktivists tried to find a workaround to Discord’s age-verification software, Persona. Instead, they found its frontend exposed to the open internet, and that was just the beginning.

www.therage.co/persona-age-...

“Based on these ethnographic findings, we initiate the cryptographic study of at-compromise security”

martinralbrecht.wordpress.com/2026/02/17/b...

Analysis and Vulnerabilities in zkLogin Zero-Knowledge Authorization (ZKA) systems allow users to prove possession of externally issued credentials (e.g., JSON Web Tokens) without revealing the credentials in full via the usage of Zero-Know...

Read our paper: eprint.iacr.org/2026/227 and blogpost: brave.com/blog/zklogin/

This is not a failure of zero-knowledge proofs. It is a systems security failure caused by composition: ill-defined semantics, missing binding guarantees, exposed long-lived credentials, unjustified frontend trust assumptions, and opaque trust centralization.

5. Allows for centralization and privacy regressions: JWTs, often containing sensitive identity attributes, are forwarded to third-party services outside the original OIDC consent relationship, with no explicit user awareness or control.

4. Incorrectly trusts the frontend: zkLogin explicitly assumes that the frontend application is trusted and security-irrelevant, arguing that public frontend implies sufficient scrutiny. This assumption does not hold in real-world browser threat models.

3. Exposes long-lived credentials as static, long-lived bearer credentials exposed directly to browser environments. These credentials are commonly: stored in browser-accessible storage (e.g., localStorage), transmitted directly from frontend JavaScript and reused indefinitely.

1. Accepts malformed JWTs (with shadowed claims, invalid JSON): a single signed JWT can admit multiple conflicting interpretations (claim shadowing via duplicate keys, parser differentials across components, non-canonical encodings with ambiguous semantics).

At first glance, this seems to provide strong privacy and security guarantees.
But, what we found is that the story is not complete, as zkLogin:

What is zkLogin?

zkLogin allows users to authorize blockchain transactions using a ZKP of possession of a signed OpenID Connect (OIDC) JSON Web Token (JWT) via a ZKP over the signed JWT.

Analysis and Vulnerabilities in zkLogin Zero-Knowledge Authorization (ZKA) systems allow users to prove possession of externally issued credentials (e.g., JSON Web Tokens) without revealing the credentials in full via the usage of Zero-Know...

Paper: eprint.iacr.org/2026/227
Blogpost: brave.com/blog/zklogin/
Joint work with Hamed Haddadi and Kyle Den Hartog (3/n)

In our work, we show why this narrative can be incomplete: we analyze *zkLogin*, a widely deployed zero-knowledge authorization system, and demonstrate that its security does not only reduce to the security of the ZKP. Instead, it depends on assumptions.

ZKPs are ipromoted as foundation for privacy-preserving authentication. Recent proposals, particularly in blockchain wallets, identity frameworks, and verifiable credential systems, suggest that ZKPs allow users to prove possession of externally issued credentials without revealing them (2/n)

When Zero-Knowledge Proofs Are Not Enough: Lessons from a Real-World Zero-Knowledge Authorization System, a.k.a Analysis and Vulnerabilities in zkLogin (eprint.iacr.org/2026/227) (1/n)

@opentechfund.bsky.social is accepting applications to join our Security Lab until March 16, 2026.

Learn more:
buff.ly/lzCjWZu

The general counsel uploaded a picture on Linkedin showing the web panel of Paragon's spyware.

The panel shows a phone number in Czechia, Apps, Accounts, media on the phone, the interception status and numbers extracted from social media applications.

À l’occasion de la journée #FemmesEnScience, découvrez ces femmes qui façonnent les sciences informatiques ! #IA, optimisation et fonctions supports, elles innovent et repoussent les frontières du #numérique.
➡️ www.ins2i.cnrs.fr/fr/cnrsinfo/...

Benito carrying a football with musicians carrying flags behind him

Iconic moment as he says "God Bless América" and then names every country in South, Central, and North america in order

For the rest of the hemisphere, América doesn't mean the U.S.

It means evveeerrybody

Trump tried to gut science research funding. Courts and Congress have rebuffed him. Scientists' worst fears about Trump's cuts to research funding haven't come to pass, thanks to several legal challenges and Congress’ recent rejection of his proposed budget cuts.

Our lawsuit is fighting to ensure that critical research, including on Alzheimer’s disease, HIV prevention, LGBTQ+ health, and sexual violence can continue.

Research must be guided by science, not politics.

Amnesty International: Iran “carried out massacres of protesters, primarily on 8 and 9 January, when the death toll rose into thousands. January 2026 marks the deadliest period of repression by the Iranian authorities in decades of Amnesty’s research.” www.amnesty.org/en/latest/ca...

Inside Reform’s plans for a fascist takeover In today's article shado editor Elia Ayoub discusses Reform’s “Operation Restore Justice”, the risks of a British ICE and how we can resist.

Apropos of nothing, here's a piece on Reform's plans for a British ICE: shado-mag.com/articles/opi...

Here's the policy document: web.archive.org/web/20260127...

Here's a piece on the Labour Government's practice of emulating the US' celebration of brutality: www.theguardian.com/politics/202...