Navigation
Recherche
|
Bug Lets Audio, Video be Transmitted Without Consent in Apps Like Signal
mardi 19 janvier 2021, 20:06 , par TheMacObserver
Google’s Project Zero security team found a bug that lets audio and video be transmitted without user interaction in five messaging apps. These are Signal, JioChat, Mocha, Google Duo, and Facebook Messenger. All bugs have been fixed.
I investigated the signalling state machines of seven video conferencing applications and found five vulnerabilities that could allow a caller device to force a callee device to transmit audio or video data. All these vulnerabilities have since been fixed. It is not clear why this is such a common problem, but a lack of awareness of these types of bugs as well as unnecessary complexity in signalling state machines is likely a factor. Tags: Google, Project Zero, Security
https://www.macobserver.com/link/p0-audio-video-bug/?utm_source=macobserver&utm_medium=rss&utm_campa...
|
59 sources (15 en français)
Date Actuelle
jeu. 25 avril - 22:59 CEST
|