signalapp / libsignal

Home to the Signal Protocol as well as other cryptographic primitives which make Signal possible.
GNU Affero General Public License v3.0

Unexpected image received from known contact #462

Closed kitserve closed 2 years ago

kitserve commented 2 years ago

Not sure if this is a bug or something else, but I'm not sure where else to report it.

I just received an image from a known and trusted contact, both in a group chat we belong to, and also directly to me personally. The two copies arrived within about a second of each other. Sender is on Android, I'm on iOS. I didn't recognise any of the people in the image and commented on it in the group chat. Sender responded to say that they had never seen the image before, and hadn't sent it (but could see it in the shared message history, so it somehow got inserted into their list of sent messages). TinEye and VirusTotal both report no results, so if it's a hack attempt it's a very strange one. Anecdotally another Signal-using friend claims to have had a similar experience a few years ago, although in that case they were trying to send an image and the recipient received a different image, whereas in this case no image was being sent, it just spontaneously appeared (twice).

Can provide debug details and image sample via private channel if it would be helpful. I'm not familiar with the internals of how Signal works but am fairly technically competent. Perhaps it's some kind of hash collision?

jrose-signal commented 2 years ago

That is indeed extremely strange! Can you submit a debug log, and include the timestamps of the two messages in your report? It would help if your friend submits a debug log as well.

jrose-signal commented 2 years ago

Also, you can ask your friend to double-check that the image wasn't sent from a linked device (possibly one they forgot about!).

kitserve commented 2 years ago

Debug log and timestamp information submitted at https://support.signal.org/hc/en-us/requests/1391837. Will try to get a debug log from the other device as well and add that to the support ticket. Awaiting confirmation about linked devices. I'm fairly sure that they have no linked devices but will verify.

kitserve commented 2 years ago

Other participant in the conversations with the unexpected photo confirms that they have no linked devices. They have generated a debug log, which I have linked in a comment on the Signal support request. Incidentally, the only way I was able to find my way back to that support request was via the link in my previous comment here on GitHub. I couldn't find a sign-in link anywhere on the Signal support site or by searching online, nor did I receive any email links for signing in or looking at tickets I'd submitted previously.

jrose-signal commented 2 years ago

Belated response: you should have gotten an email with the URL, so I guess double-check your spam folder. :-/ I'm going to close this and let the Support ticket be the primary way to track this issue, but thank you very much for reporting it!