cross-posted from: https://lemmy.ca/post/37638868 !privacy@lemmy.dbzer0.com
This affects Signal too
An issue with Cloudflare allows an attacker to find which Cloudflare data center a messaging app used to cache an image, meaning an attacker can obtain the approximate location of Signal, Discord, Twitter/X, and likely other chat app users. In some cases an attacker only needs to send an image across the app, with the target not clicking it, to obtain their location.
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117?ref=404media.co
Signal, an open-source encrypted messaging service, is widely used by journalists and activists for its privacy features. Internally, the app utilizes two CDNs for serving content: cdn.signal.org (powered by CloudFront) for profile avatars and cdn2.signal.org (powered by Cloudflare) for message attachments.
i think this would be true of basically any large service that had multiple data centers. whichever one catches your data is the one closest to you.
the difficulty is accessing that data even if you can’t read it you still have the closest location.
sounds to me like the Internet working as intended. if you want true privacy you need to take extra steps
On the one hand, deanonymization attacks are never entirely avoidable on unhardened targets and this one isn’t particularly sophisticated and leaks relatively little information.
On the other hand, deanonymization attacks are always bad and it’s a good reminder to people of the risks they are taking. This is also slightly non-obvious behavior, even if it makes sense to the technically competent, as something like an IP grabber normally requires user interaction such as clicking a link. It’s also a vector that CF might be able to mitigate by patching the ability to query a given cache directly.
they should be able to patch that as long as nothing relies on it working as is
I don’t want to be a contrarian, but your cellphone carrier does this nonstop. Cloudflare is not a good company, but this is the least of your problems.
I support this because most all cloudflare websites require browser fingerprinting otherwise they will not serve you the page. The moment I enable the jShelter addon, I am cut off from a significant portion of the internet
CF is DNS; you could be using it a lot and never know
I have a pihole serving DNS for my local network that is configured to use unfiltered Quad9 for upstream.
ok, you are certainly not a common user.
oh no, now they know I’m in the US North East, assuming I’m not using a VPN…
Another reason why Cloudflare sucks.