It's no secret that the Swiss messenger Threema is very popular and has been used mainly for more than 10 years as a secure alternative to WhatsApp.
After Facebook (* recognized as extremist in the Russian Federation) acquired WhatsApp and changed its privacy policy, users' attention to the Swiss messenger increased even more.
Using Threema, German Chancellor Olaf Scholz will not let you lie.
As it turned out, the promise of maximum security, incomparable in level with any other competitor messenger, in reality remains only a slogan that has not withstood verification in real life.
Even though the messenger was widely recognized in 2019, and the Swiss Federal Administration approved the use of Threema for content classified as "confidential".
This is the conclusion reached by a research group led by Professor Kenneth Paterson from ETH (Swiss State Research University).
As it turned out, there are fundamental flaws in the Threema encryption concept. Moreover, encryption methods are technologically lagging behind by several years.
A group of researchers has published a detailed description of 7 vulnerabilities in Threema cryptographic protocols.
Their exploitation could allow attackers to clone accounts, read correspondence, steal private keys and contacts, as well as reproduce compromising materials for further blackmail.
With Swiss precision, Threema immediately responded and released a new protocol called Ibex, which makes a number of problems obsolete and not relevant, and fixed the remaining shortcomings found within a few weeks.
In their blog, the developers underestimated the number of errors indicated in the study, explaining that vulnerabilities were discovered in a protocol that Threema no longer uses.
In addition, they noted that the detected errors may be interesting from a theoretical point of view, none of them had a significant impact in the real world.
However, this does not negate their existence.