One heavily promoted solution has beenBridgefy, a messaging app that has the financial and marketing backing of Twitter cofounder Biz Stone and boasts having more than 1.7 million installations. By using Bluetooth and mesh network routing, Bridgefy lets users within a few hundred metersand much further as long as there are intermediary nodesto send and receive both direct and group texts with no reliance on the Internet at all.
Bridgefy cofounder and CEO Jorge Ros has said he originally envisioned the app as a way for people to communicate in rural areas or other places where Internet connections were scarce. And with the past years upswell of large protests around the worldoften in places with hostile or authoritarian governmentscompany representatives began telling journalists that the apps use of end-to-end encryption protected activists against governments and counter protesters trying to intercept texts or shut down communications.
Over the past few months, the company has continued to hold out the app as a safe and reliable way for activists to communicate in large gatherings.
But now, researchers are revealing a litany of recently uncovered flaws and weaknesses that show that just about every claim of anonymity, privacy, and reliability is outright false.
This encoding method, which was deprecated in 1998, allows attackers to perform what's known as a padding oracle attack to derive contents of an encrypted message.Original article