Loquendo Laxe on Nostr: Better you avoid using Bridgefy. While on paper it appears to be an exciting and ...
Better you avoid using Bridgefy. While on paper it appears to be an exciting and potentially very useful way of communicating thru ad-hoc Mesh Networks (via Bluetooth) over short distances; when tested in situations described by the Bridgefy website, it was soon found to be vulnerable to several different attack vectors. Subsequently, and with the generous help of encryption experts, the Mexican originators of Bridgefy has been obliged to adopt the Signal protocol. Even so, vulnerabilities still exist. On July 31, 2023, the security firm 7asecurity released a blog post and pentest report of a white box penetration test and overall security review of the Bridgefy app in collaboration with the platform's developers. Their review, which began in November 2022 and concluded in May 2023, identified multiple critical vulnerabilities throughout the Mobile App. For more complete details, I strongly recommend you visit the Wikipedia page. There, you will find an adequate summary of Bridgefy's history, how it was tested for vulnerabilities, and its current status {last update was 14-Oct-24 at 23:48 (UTC)} >>
https://en.wikipedia.org/wiki/BridgefyPublished at
2024-12-03 04:30:07Event JSON
{
"id": "156de1b49dd2cd3b2d1b5dfc4fdc6d730620e165d8b8d84e6f7e1bb025ef8a3f",
"pubkey": "0598a50cba5af0cd5c38c765996bebfe8ed52666444bcb23aff117b9d765ddce",
"created_at": 1733200207,
"kind": 1,
"tags": [
[
"a",
"30023:e3b5f43280264c6d1d2e4376e5c5de645ae66bc580fa454f01b711e7f5bee9d0:529e5d17e20b559c",
"",
"root"
],
[
"p",
"e3b5f43280264c6d1d2e4376e5c5de645ae66bc580fa454f01b711e7f5bee9d0"
]
],
"content": "Better you avoid using Bridgefy. While on paper it appears to be an exciting and potentially very useful way of communicating thru ad-hoc Mesh Networks (via Bluetooth) over short distances; when tested in situations described by the Bridgefy website, it was soon found to be vulnerable to several different attack vectors. Subsequently, and with the generous help of encryption experts, the Mexican originators of Bridgefy has been obliged to adopt the Signal protocol. Even so, vulnerabilities still exist. On July 31, 2023, the security firm 7asecurity released a blog post and pentest report of a white box penetration test and overall security review of the Bridgefy app in collaboration with the platform's developers. Their review, which began in November 2022 and concluded in May 2023, identified multiple critical vulnerabilities throughout the Mobile App. For more complete details, I strongly recommend you visit the Wikipedia page. There, you will find an adequate summary of Bridgefy's history, how it was tested for vulnerabilities, and its current status {last update was 14-Oct-24 at 23:48 (UTC)} \u003e\u003e https://en.wikipedia.org/wiki/Bridgefy",
"sig": "b749b81ee6cc90e0245a1d1d9a21fa0186988d70c44522334529ef3f658dd350e9df3bdb3830a40b47ad691e27b61cf3e36897227a433cbb727139d9f446e840"
}
