HOME

TheInfoList



Click Here for Items Related To - Bridgefy
OR:
Bridgefy on:   [Wikipedia]   [Google]   [Amazon]

Bridgefy is a Mexican software company with offices in Mexico and California, the United States, dedicated to developing mesh-networking technology for mobile apps. It was founded circa 2014 by Jorge Rios, after conceiving the idea while participating in a tech competition called
StartupBus StartupBus is an annual technological startup competition and entrepreneurship boot camp, described as a Hackathon, created by Elias Bizannes in February 2010. The competition is held across a 3-day bus ride where contestants or "buspreneurs" comp ...
. Bridgefy's smartphone ad hoc network technology, apparently using Bluetooth Mesh, is licensed to other apps. The app gained popularity during protests in different countries since it can operate without Internet, using Bluetooth instead. Aware of the security issues of not using cryptography and the criticism surrounding it, Bridgefy announced in late October 2020 that they adopted the Signal protocol, in both their app and SDK, to keep information private, though security researchers have demonstrated that Bridgefy's usage of the Signal Protocol is insecure.


Usage

The app gained popularity as a communication tactic during the
2019–2020 Hong Kong protests The Anti-Extradition Law Amendment Bill Movement, also known as the 2019 Hong Kong protests, or the 2019–2020 Hong Kong protests, were a series of demonstrations from 15 March 2019 in response to the introduction by the Hong Kong government ...
and
Citizenship Amendment Act protests The Citizenship Amendment Act (Bill) protests, also known as the CAA Protest, CAB Protest or CAA and NRC protests, occurred after the Citizenship Amendment Act (CAA) was enacted by the Government of India on 12 December 2019. The move sparked ...
in India, because it requires people who want to intercept the message to be physically close because of Bluetooth's limited range, and the ability to daisy-chain devices to send messages further than Bluetooth's range.


Security

In August 2020, researchers published a paper describing numerous attacks against the application, which allow de-anonymizing users, building social graphs of users’ interactions (both in real time and after the fact), decrypting and reading direct messages, impersonating users to anyone else on the network, completely shutting down the network, performing active
man-in-the-middle attack In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...
s to read messages and even modify them. In response to the disclosures, developers acknowledged that "no part of the Bridgefy app is encrypted now" and gave a vague promise to release a new version "encrypted with top security protocols". Later developers said they plan to switch to
Signal Protocol The Signal Protocol (formerly known as the TextSecure Protocol) is a non- federated cryptographic protocol that can be used to provide end-to-end encryption for voice calls and instant messaging conversations. The protocol was developed by Open ...
, which is widely recognized by cryptographers and used by
Signal In signal processing, a signal is a function that conveys information about a phenomenon. Any quantity that can vary over space or time can be used as a signal to share messages between observers. The '' IEEE Transactions on Signal Processing' ...
and
WhatsApp WhatsApp (also called WhatsApp Messenger) is an internationally available freeware, cross-platform, centralized instant messaging (IM) and voice-over-IP (VoIP) service owned by American company Meta Platforms (formerly Facebook). It allows user ...
. The Signal Protocol was integrated into the Bridgefy app and SDK by late October 2020, with the developers claiming to have included improvements such as the impossibility of a third person impersonating any other user, man-in-the-middle attacks done by modifying stored keys, and historical proximity tracking; among others. However, in 2022, the same security researchers, now including
Kenny Paterson Kenneth G. "Kenny" Paterson (born 2 March 1969) is a professor in the Institute of Information Security at ETH Zurich, where he leads the Applied Cryptography Group. Before joining ETH Zurich in April 2019, he was a professor in the Information Secu ...
, published a paper describing how Bridgefy's usage of the Signal Protocol is incorrect, failing to remedy the previously discovered issues. The researchers performed a demonstration showing that it was possible for users to intercept messages intended for others without the sender noticing. The researchers disclosed the vulnerabilities to the developers of Bridgefy in August 2021, but, according to the researchers, the developers have yet to resolve the issues as of June 2022.


See also

* Signal protocol, which developers used to correct the security problems. *
Briar Briar, Briars, Brier, or Briers may refer to: * Briar, or brier, common name for a number of unrelated thorny plants that form thicket People * Brier (surname) * Briers, a surname * Briars (surname) Places * Briar, Missouri, U.S. * Bria ...
, another communication app that can utilize Bluetooth * Berty, another communication app that can utilize
Bluetooth Low Energy Bluetooth Low Energy (Bluetooth LE, colloquially BLE, formerly marketed as Bluetooth Smart) is a wireless personal area network technology designed and marketed by the Bluetooth Special Interest Group (Bluetooth SIG) aimed at novel applications ...
.


References

{{reflist


External links


Official website
Social media 2019–2020 Hong Kong protests IOS Android (operating system) Information technology companies of Mexico Companies based in Mexico City Mexican companies established in 2016 Technology companies established in 2016 Mesh networking