When I press on some message to forward it, it shows me Random usernames of contacts I don’t know. And it even shows some Mobile Numbers I don’t know. For example, one number starts with +964 that’s Iraq. I’m from Europe tho. These contacts and numbers are from all over the place.
Edit: This only happens on Signal Desktop. If I try to forward a message on Android it only shows my Contacts. And none of these unkown ones.
This is super helpful, I may post this to infosec.exchange. Flathub makes this so much more difficult to find the reason for what looks like a real breach. I don’t use Flathub for security reasons so I don’t know if you can even isolate the PID? Anyone know?
I don’t want you to have to spend a lot of time or troubleshoot over the web but if you see anything that stands out as “wow shouldn’t be there/running” when you run these commands come back to us:
ps
the PID of Signal or secondarily, Flathublsof -p PID
sudo strace -f -t -e trace=file -p PID
sysctl kernel.randomize_va_space