• A_norny_mousse@feddit.org
    4·
    2 days ago

    If anybody is interested where WordPress comes into this:

    TeleMessage also provides tools to hack WP sites.

    The article delves into telemessage’s public API.

    Scary shit.

  • jarfil@beehaw.org
    4·
    2 days ago

    So… this means the “disappearing messages”, are the correct way of doing this, right?

    1. Encrypted message is sent
    2. A copy of the message reaches several devices
    3. TeleMessage makes an archival copy for record keeping
    4. Message “disappears” (is deleted) from all devices

    There can be issues raised about Signal itself, the ownership and operation of TeleMessage, or how the archival process works… but otherwise, it looks like a correct workflow.

      • jarfil@beehaw.org
        1·
        1 day ago

        From the article:

        For US government use, these kind of services would most likely be run to a separate server to run in a government-certified facility, ideally one certified with Federal Risk and Authorization Management Program (FedRAMP) or similar

        […]

        FedRAMP servers do not necessarily have to be in the United States

        …so, maybe? 🤷