Surveillance Report cover image

Surveillance Report

This Cloudflare Trick Can Expose Your Location in Signal

Jan 30, 2025
A troubling new attack method threatens user location privacy on popular platforms like Signal and Discord. Cloudflare's vulnerabilities could allow attackers to track users. The discussion also underscores the risks personal photos pose to privacy, particularly with the AI tool GeoSpy. Recent data breaches in education expose millions to potential threats, while a LinkedIn lawsuit raises eyebrows on data sharing practices. Additionally, the podcast highlights innovative approaches to app security like Accrescent, advocating for better privacy controls online.
44:07
Creator website

Podcast summary created with Snipd AI

Quick takeaways

  • A newly discovered side-channel attack on Cloudflare may expose user locations in messaging apps without interaction, highlighting privacy vulnerabilities.
  • Recent data breaches affecting PowerSchool and Change Healthcare reveal significant risks to personal data security for millions, emphasizing the need for proactive protection measures.

Deep dives

Location Exposure via Messaging Apps

A newly discovered side-channel attack poses a risk to users of messaging apps like Signal, Discord, and Twitter, potentially revealing their approximate locations. The attack exploits a flaw in Cloudflare's content delivery network, which caches images sent through these platforms. Remarkably, an attacker could obtain location data simply by sending an image without requiring the target's interaction, as the attack can work through push notifications. While the information retrieved is coarse, typically indicating a general area such as a city or state, it emphasizes the importance of understanding how mobile applications manage data and the potential implications for privacy.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode