<div dir="ltr">The actual crypto employed looks fine (Axolotl), but they support SMS login which has many vulnerabilities (forced number porting, IMSI catchers, telco MitMs, telco coercion, shoulder surfing just to name a few). Telegram offers the same feature, and it's routinely been exploited, especially by state-level attackers. See:<div><br></div><div><a href="https://www.fredericjacobs.com/blog/2016/01/14/sms-login/">https://www.fredericjacobs.com/blog/2016/01/14/sms-login/</a><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Mar 12, 2016 at 2:32 PM, Henry Baker <span dir="ltr"><<a href="mailto:hbaker1@pipeline.com" target="_blank">hbaker1@pipeline.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="https://wire.com/?hl=en" rel="noreferrer" target="_blank">https://wire.com/?hl=en</a><br>
<br>
"Go ahead, make some free, end-to-end encrypted video calls on Wire"<br>
<br>
Details of <a href="http://wire.com" rel="noreferrer" target="_blank">wire.com</a> security:<br>
<br>
<a href="https://assets.documentcloud.org/documents/2756350/Wire-Security-Whitepaper.pdf" rel="noreferrer" target="_blank">https://assets.documentcloud.org/documents/2756350/Wire-Security-Whitepaper.pdf</a><br>
<br>
------<br>
Interesting timing, this <a href="http://wire.com" rel="noreferrer" target="_blank">wire.com</a> announcement.<br>
<br>
_______________________________________________<br>
The cryptography mailing list<br>
<a href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><br>
<a href="http://www.metzdowd.com/mailman/listinfo/cryptography" rel="noreferrer" target="_blank">http://www.metzdowd.com/mailman/listinfo/cryptography</a></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Tony Arcieri<br></div>
</div>