Breaking the Threema Secure Messenger

breakingthe3ma.app

16 points by winterdeaf 3 years ago · 4 comments

intuxikated 3 years ago

> A malicious server can trick the client into using the same key while talking to the server during the initial registration protocol and while talking to other users in the E2E protocol.

This is bad

> we show that the attacker can trick a user into creating a valid vouch box and sending it to the attacker. This allows the attacker to impersonate the client to the server forever.

This attack means that, under some circumstances, a user might compromise his or her own account by simply sending a message to another user.

Yikes

tmalsburg2 3 years ago

The title of this submission is editorialized and misleading. @dang, please change to the original title "Three Lessons from Threema -- Analysis of a Secure Messenger".

  • winterdeafOP 3 years ago

    I would argue that it is not misleading -- the website domain is, after all, "breakingthe3ma.app".

    The title of the paper presents a more academic angle, and is intended to highlight what the "learned lessons" are, but let's not forget that Threema was vulnerable to our attacks for 10+ years.

    • tmalsburg2 3 years ago

      I would recommend reading the article and not just the title and URL. Editorializing also plainly violates HN guidelines.
