Reply to post:

How a glitch in the Matrix led to apps potentially exposing encrypted chats

Denis Kasak

The keys are definitely protected with cryptography, both in transit and when deciding whether the message key should be shared with a requesting device.

This latter check is performed by ensuring the identity key of the key-requesting device is the same as the one written down at the point the message key was originally shared with the participant. Unfortunately, it turned out that this check could be fooled with some trickery -- but this is a logic bug and an honest mistake, which is now patched.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon