Just opened Jami and got a totally random friend request from an unknown userID.
How is this possible since Jami is supposed to be end-to-end encrypted and therefor peoples friends list is not publicly available and you need to share either your QR code or userID to people you want to befriend?
This incident got me really questioning the security of Jami.
One question: Did you enable “allow calls from unknown contacts”?
Although a contact request is different:
If you enable and disable your account after a few hours does it change anything?
Or if you use a different network?
If no, maybe you can get the logs - they might be useful?
Hello, in the search, if you type a jami id, and this id is valid, it will appear, which must have happened, because the jami id is long, someone trying to add a friend, may have typed the wrong jami id, which coincidentally was yours, a phone number that is a few characters happened, imagine the id that is a lot of characters, it’s rare but totally plausible.
1 Like
This might be the case, because my ID is not very long. I use a nick instead of a randomly generated ID, so it could be someone who was trying to befriend someone else with almost the same nick. Still this got me spooked. I will be looking out for similar incidents in the future.
So this has not happened to you or anyone you know?
Even creating a short nickname, it is still possible to see your long jami id is valid, just press the key, as shown in the image. In jami it didn’t happen, but in other apps, it has happened, of adding it, thinking it was someone else.
Rest assured, usually the simplest theory is the one that is true, I believe it was a coincidence, a user typing the wrong jami id and it being yours.