• Brayd@discuss.tchncs.de
    11 months ago

    Does anyone know how iMessage handles this on desktop (on Macs) as they (as far as I know) upgraded their encryption recently?

  • jsomae@lemmy.ml
    11 months ago

    The real problem is that the security model for apps on mobile is much better than that for apps on desktop. Desktop apps should all have private storage that no other non-root app can access. And while we’re at it, they should have to ask permission before activating the mic or camera.

    • refalo@programming.dev
      11 months ago

      Firejail and bwrap. Flatpaks. There are already ways to do this, but I only know of one distro that separates apps by default like Android does (separate user per app), which is the brand new “EasyOS”.

    • Pussista@sh.itjust.works
      11 months ago

      macOS has nailed it*, even though it’s still not as good as iOS or Android, but leagues and bounds better than Windows and especially Linux.

      ETC: *sandboxing/permission system

      • tmpod@lemmy.ptM
        11 months ago

        What does Windows do? Genuine question, I’ve not used it since the 7 days. Regarding Linux, that’s true for stuff installed through regular package managers and whatnot, but Flatpak is pushing a more sandboxed and permission oriented system, akin to Android.

        • ruse8145@lemmy.sdf.org
          11 months ago

          You have granular control over universal windows apps (ie windows 8+ apps) and one global lock over all desktop apps (non uwp), and one global lock over everything. It’s pretty solid considering how little control Microsoft has and its wonderful fetish for compatibility.

          Tldr basically same as Linux, except app distribution in Linux was bad enough for so long that more stuff is in the new restricted format while windows still has tons of things which will never go away and aren’t in the sandbox. I think not finding a way to sandbox all desktop apps was a mistake.

        • Pussista@sh.itjust.works
          11 months ago

          It’s a joke. Apps have defined permissions already allowed on install and some of them have too many things set to allow like home or host access. Also, changing any permission requires restarting the app. It’s heading in the right direction, but it has a looooong way to go to catch up with macOS, let alone Android and iOS.

  • Prethoryn Overmind@lemmy.world
    11 months ago

    Ah yes, another prime example that demonstrates that Lemmy is no different than Reddit. Everyone thinks they are a professional online.

    Nothing sensitive should ever lack encryption especially in the hands of a third party company managing your data claiming you are safe and your privacy is protected.

    No one is invincible and it’s okay to criticize the apps we hold to high regards. If you are pissed people are shitting on Signal you should be pissed Signal gave people a reason to shit on them.

    • doodledup@lemmy.world
      11 months ago

      How is a Desktop OS any different from a mobile one? This is where you need to be more specific.

      • thayer@lemmy.ca
        11 months ago

        There are too many differences for me to list here, but unlike mobile operating systems, Windows and most Linux desktops do not provide sandboxed environments for userspace apps by default. Apps generally have free rein over the whole system; reading/writing data from/to other apps without restriction or notification. There are virtually no safeguards against malicious actors.

        Mobile operating systems significantly restrict system-level storage space, making key areas read-only to prevent data access or manipulation. They also protect app storage, so one app can’t arbitrarily access or modify data stored for a different app.

        Mobile operating systems also follow an image-based update model, wherein updates are atomic. System software updates are generally applied successfully all at once or not at all, helping to ensure your phone is never left in a partial or unusable state after a system update.

        For desktop users, macOS, and atomic Linux distros combined with Flatpak are the closest comparisons.

  • Mubelotix@jlai.lu
    11 months ago

    Sure, I was aware. You have the same problem with ssh keys, gpg keys and many other things

  • ssm@lemmy.sdf.org
    11 months ago

    So many better standards like XMPP and IRC yet people use Signal and Telegram. I hate marketing.

    • ruse8145@lemmy.sdf.org
      11 months ago

      Signal is an objectively better experience than xmpp, and has about identical security (same with matrix). Irc isn’t secure afaik. Telegram isn’t secure afaik.

      A better wish would be that people in 2024 would stop being fucking weird about their cell number. Some people don’t want to give it out despite white pages being the standard for years (and how the Terminator knows who to kill). Other people refuse to use a messaging app where they can’t use their phone to sign up. Some people want to sign up with their number but not give it out.

    • notannpc@lemmy.world
      11 months ago

      Obviously the keys could be stored more securely, but if you’ve got malware on your machine that can exploit this you’ve already got bigger problems.

      • douglasg14b@lemmy.world
        11 months ago

        That’s not how this works.

        This sort of “dismissive security through ignorance” is how we get so many damn security breaches these days.

        I see this every day with software engineers, a group that you would think would be above the bar on security. Unfortunately a little bit of knowledge results in a mountain of confidence (see Dunning Kruger effect). They are just confident in bad choices instead.

        “We don’t need to use encryption at rest because if the database is compromised we have bigger problems” really did a lot to protect the last few thousand companies from preventable data exfiltration that was in fact the largest problem they had.


        Are you confident in your omnipotence in that you can enumerate all risks and attack factors that can result in data being exfiltrated from a device?

        If not, then why comment as if you are?

      • southsamurai@sh.itjust.works
        11 months ago

        A different encrypted messaging service. Decent, but hasn’t taken off despite using email for accounts rather than phone bonkers numbers

        • Mubelotix@jlai.lu
          11 months ago

          All these apps are going to have to understand that they MUST be compatible between each other

          • southsamurai@sh.itjust.works
            11 months ago

            I mean, not really.

            Which standard are they going to be forced to use? What infrastructure? What encryption? Are they going to be forced to develop apps for every platform?

            The best you can hope to expect is apps using the same standard being compatible. Xmpp, matrix, whisper, whatever. Even matrix bridges don’t really fix compatibility across standards very well.

            It’s nice to think that anyone anywhere, could expect to install any app and communicate with anyone else and maintain encryption as well as full privacy. But as far as anyone I’ve ever seen talk about it that’s actually trained in the technology behind it all, it isn’t possible unless there’s a single, enforced standard in use.

            Does it suck to have to deal with multiple apps? Hell yes. But I also don’t like the idea of being forced to use whatever compromise protocol would make it realistic. I’d rather have a dozen apps with no single gatekeeper between them.

  • sntx@lemm.ee
    11 months ago

    I have three things to say:

    1. Everyone, please make sure you’ve set up sound disk encryption
    2. That’s not a surprise (for me at least)
    3. It’s not much different on mobile (db is unencrypted) - check out molly (signal fork) if you want to encrypt it. However encrypted db means no messages until you decrypt it.
  • ForgottenFlux@lemmy.worldOP
    11 months ago

    Summary:

    • Signal’s desktop app stores encryption keys for chat history in plaintext, making them accessible to any process on the system
    • Researchers were able to clone a user’s entire Signal session by copying the local storage directory, allowing them to access the chat history on a separate device
    • This issue was previously highlighted in 2018, but Signal has not addressed it, stating that at-rest encryption is not something the desktop app currently provides
    • Some argue this is not a major issue for the “average user”, as other apps also have similar security shortcomings, and users concerned about security should take more extreme measures
    • However, others believe this is a significant security flaw that undermines Signal’s core promise of end-to-end encryption
    • A pull request was made in April 2023 to implement Electron’s safeStorage API to address this problem, but there has been no follow-up from Signal
      • poVoq@slrpnk.net
        11 months ago

        If your system is compromised to such an extent, it really doesn’t make much difference how the keys are stored at rest.

        • phoneymouse@lemmy.world
          11 months ago

          If the keys are accessible to any process, your system doesn’t need to be compromised. All it takes is an App that you “trust” to break that trust and snatch everything up. Meta has already been caught fucking around with other social media apps on device. They even intercepted Snapchat traffic on some users’ devices in order to collect that data. It could be as simple as you installed WhatsApp and they went and pillaged your Signal files.

          • NekuSoul@lemmy.nekusoul.de
            11 months ago

            All it takes is an App that you “trust” to break that trust

            I get what you’re trying to say, but that’s something I’d classify as “compromised” as well.

            • phoneymouse@lemmy.world
              11 months ago

              For sure, just suggesting that “compromised” doesn’t necessarily mean you got hacked by someone because they tricked you into giving a password, or they scraped it from another website, or you installed something sketchy. It could be as simple as Microsoft scans all your files with AI, or Meta snoops other social media (which it has been caught doing).

              • Zpiritual@lemm.ee
                11 months ago

                So you’re saying that the os itself is compromised? Gee, good luck protecting your processes from the fucking os, no matter how you do it.

    • uis@lemm.ee
      11 months ago

      Indeed, End-to-End Encryption protects data between those ends, not ends themselves. If ends are compromised, no math will help you.

    • AlexWIWA@lemmy.ml
      11 months ago

      Mfw end to end can be compromised at the end.

      That said, they should fix this anyway

    • potatopotato@sh.itjust.works
      11 months ago

      Intrinsically/semantically no but the expectation is that the texts are encrypted at rest and the keys are password and/or tpm+biometric protected. That’s just how this works at this point. Also that’s the government standard for literally everything from handheld devices to satellites (yes, actually).

      At this point one of the most likely threat vectors is someone just taking your shit. Things like border crossings, rubber stamped search warrants, cops raid your house because your roommate pissed them off, protests, needing to go home from work near a protest, on and on.

      • Redjard@lemmy.dbzer0.com
        11 months ago

        TPM isn’t all that reliable. You will have people upgrading their pc, or windows update updating their bios, or any number of other reasons reset their tpm keys, and currently nothing will happen. In effect people would see Signal completely break and lose all their data, often seemingly for no reason.

        Talking to windows or through it to the TPM also seems sketchy.

        In the current state of Windows, the sensible choice is to leave hardware-based encryption to the OS in the form of disk encryption, unfortunate as it is. The great number of people who lose data or have to recover their backup disk encryption key from their Microsoft account tells how easily that system is disturbed (And that Microsoft has the decryption keys for your encrypted data).

      • 9tr6gyp3@lemmy.world
        11 months ago

        If your device is turned on and you are logged in, your data is no longer at rest.

        Signal data will be encrypted if your disk is also encrypted.

        If your device’s storage is not encrypted, and you don’t have any type of verified boot process, then that’s on you, not Signal.

        • uis@lemm.ee
          11 months ago

          Signal data will be encrypted if your disk is also encrypted.

          True.

          and you don’t have any type of verified boot process

          How would a motherboard refusing to boot from another drive protect anything?

        • douglasg14b@lemmy.world
          11 months ago

          That’s not how this works.

          If the stored data from signal is encrypted and the keys are not protected then that is the security risk that can be mitigated using common tools that every operating system provides.

          You’re defending signal from a point of ignorance. This is a textbook risk just waiting for a series of latent failures to allow leaks or access to your “private” messages.

          There are many ways attackers can dump files without actually having privileged access to write to or read from memory. However, that’s a moot point as neither you nor I are capable of enumerating all potential attack vectors and risks. So instead of waiting for a known failure to happen because you are personally “confident” in your level of technological omnipotence, we should instead not be so blatantly arrogant and fill the hole waiting to be used.


          Also this is a common problem with framework provided solutions:

          https://www.electronjs.org/docs/latest/api/safe-storage

          This is such a common problem that it has been abstracted into apis for most major desktop frameworks. And every major operating system provides a key ring like service for this purpose.

          Because this is a common hole in your security model.

          • 9tr6gyp3@lemmy.world
            11 months ago

            Having Signal fill in gaps for what the OS should be protecting is just going to stretch Signal more than it already does. I would agree that if Signal can properly support that kind of protection on EVERY OS that it’s built for, go for it. But this should be an OS level protection that can be offered to Signal as an app, not the other way around.

            • douglasg14b@lemmy.world
              11 months ago

              Having Signal fill in gaps for what the OS should be protecting is just going to stretch Signal more than it already does. I would agree that if Signal can properly support that kind of protection on EVERY OS that it’s built for, go for it. But this should be an OS level protection that can be offered to Signal as an app, not the other way around.

              Damn reading literacy has gone downhill these days.

              Please reread my post.

              But this should be an OS level protection that can be offered to Signal as an app, not the other way around.

              1. OSs provide keyring features already
              2. The framework signal uses (electron) has a built in API for this EXACT NEED

              Cmon, you can do better than this, this is just embarrassing.

  • x1gma@lemmy.world
    11 months ago

    How in the fuck are people actually defending signal for this, and with stupid arguments such as windows is compromised out of the box?

    You. Don’t. Store. Secrets. In. Plaintext.

    There is no circumstance where an app should store its secrets in plaintext, and there is no secret which should be stored in plaintext. Especially since this is not some random dude’s random project, but a messenger claiming to be secure.

    • Possibly linux@lemmy.zip
      11 months ago

      If someone has access to your machine you are screwed anyway. You need to store the encryption key somewhere

      • x1gma@lemmy.world
        11 months ago

        Yes, in your head, and in your second factor, if possible, keeping them always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.

    • refalo@programming.dev
      11 months ago

      How in the fuck are people actually defending signal for this

      Probably because Android (at least) already uses file-based encryption, and the files stored by apps are not readable by other apps anyways.

      And if people had to type in a password every time they started the app, they just wouldn’t use it.

      • uis@lemm.ee
        11 months ago

        AFAIK Android encrypts entire fs with one key. And ACL is not encryption.

      • Liz@midwest.social
        11 months ago

        Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application.

        Emphasis mine.

        • ChapulinColorado@lemmy.world
          11 months ago

          I think the point is the developers might have just migrated the code without adjustments since that is how it was implemented before. Similar to how PC game ports sometimes run like shit since they are a close 1-1 of the original which is not always the most optimized or ideal, but the quickest to output.

          • x1gma@lemmy.world
            11 months ago

            Been a few days since using electron, but AFAIK electron can’t be used as a wrapper for android apps, or can it? Or is their android app a web app wrapped into a “native” android app too?

            Also, since this seems to be an issue since 2018, 6 years should be plenty to rewrite using a native secure storage…

    • uis@lemm.ee
      11 months ago

      You. Don’t. Store. Secrets. In. Plaintext.

      Ok. Enter password at every launch.

    • lemmyvore@feddit.nl
      11 months ago

      You. Don’t. Store. Secrets. In. Plaintext.

      SSH stores the secret keys in plaintext too. In a home dir accessible only by the owning user.

      I won’t speak about Windows but on Linux and other Unix systems the presumption is that if your home dir is compromised you’re fucked anyway. Effort should be spent on actually protecting access to the home personal files not on security theater.

      • x1gma@lemmy.world
        11 months ago

        Kinda expected the SSH key argument. The difference is the average user group.

        The average dude with a SSH key that’s used for more than their RPi knows a bit about security, encryption and opsec. They would have a passphrase and/or hardening mechanisms for their system and network in place. They know their risks and potential attack vectors.

        The average dude who downloads a desktop app for a messenger that advertises to be secure and E2EE encrypted probably won’t assume that any process might just wire tap their whole “encrypted” communications.

        Let’s not forget that the threat model has changed by a lot in the last years, and a lot of effort went into providing additional security measures and best practices. Using a secure credential store, additional encryption and not storing plaintext secrets are a few simple ones of those. And sure, on Linux the SSH key is still a plaintext file. But it’s a deliberate decision of you to keep it as plaintext. You can at least encrypt with a passphrase. You can use the actual working file permission model of Linux and SSH will refuse to use your key with loose permissions. You would do the same on Windows and Mac and use a credential store and an agent to securely store and use your keys.

        Just because your SSH key is a plaintext file and the presumption of a secure home dir, you still wouldn’t do a ~/passwords.txt.

        • lemmyvore@feddit.nl
          11 months ago

          If someone gets access they can delete your keys, or set up something that can intercept your keys in other ways.

          The security of data at rest is just one piece of the puzzle. In many systems the access to the data is considered much more important than whether the data itself is encrypted in one particular scenario.

        • dave@programming.dev
          11 months ago

          Well yes, but also how would users react if they had to type in their passphrase every time they open the app? This is also exactly what we’re giving up everywhere else by clicking ‘remember this device’.