Timing Attacks on WhatsApp, Signal, and Threema can Reveal User Location | RestorePrivacy
Was sagt Threema zu dieser Meldung?
Steht mittlerweile unten auf der Seite
UPDATE 2: Threema provided RestorePrivacy with the following statement on October 21st:
We have already considered different workarounds and conducted various tests, including ones where the client randomly delays delivery notifications slightly to render these kinds of timing analyses useless. (App updates containing this improvement should become available soon.)
Please note, however, that the practical exploitability of these timing analyses is debatable: Users typically don’t have their messenger app open all the time, and push notifications that wake up the app in the background already add a considerable delay of up to several seconds.