• Mubelotix@jlai.lu
    link
    fedilink
    arrow-up
    2
    ·
    5 months ago

    Sure, I was aware. You have the same problem with ssh keys, gpg keys and many other things

    • Mr. Satan@monyet.cc
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      However, you can save encrypted ssh, gpg keys and save that encryption key in the OS keyring.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      Indeed, End-to-End Encryption protects data between those ends, not ends themselves. If ends are compromised, no math will help you.

    • AlexWIWA@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      5 months ago

      Mfw end to end can be compromised at the end.

      That said, they should fix this anyway

    • potatopotato@sh.itjust.works
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      Intrinsically/semantically no but the expectation is that the texts are encrypted at rest and the keys are password and/or tpm+biometric protected. That’s just how this works at this point. Also that’s the government standard for literally everything from handheld devices to satellites (yes, actually).

      At this point one of the most likely threat vectors is someone just taking your shit. Things like border crossings, rubber stamped search warrants, cops raid your house because your roommate pissed them off, protests, needing to go home from work near a protest, on and on.

      • 9tr6gyp3@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        5 months ago

        If your device is turned on and you are logged in, your data is no longer at rest.

        Signal data will be encrypted if your disk is also encrypted.

        If your device’s storage is not encrypted, and you don’t have any type of verified boot process, then thats on you, not Signal.

  • Borna Punda@lemmy.zip
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    5 months ago

    The backlash is extremely idiotic. The only two options are to store it in plaintext or to have the user enter the decryption key every time they open it. They opted for the more user-friendly option, and that is perfectly okay.

    If you are worried about an outsider extracting it from your computer, then just use full disk encryption. If you are worried about malware, they can just keylog you when you enter the decryption key anyways.

    • x1gma@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      The third option is to use the native secret vault. MacOS has its Keychain, Windows has DPAPI, Linux has has non-standardized options available depending on your distro and setup.

      Full disk encryption does not help you against data exfil, it only helps if an attacker gains physical access to your drive without your decryption key (e.g. stolen device or attempt to access it without your presence).

      Even assuming that your device is compromised by an attacker, using safer storage mechanisms at least gives you time to react to the attack.

  • thayer@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    5 months ago

    While it would certainly be nice to see this addressed, I don’t recall Signal ever claiming their desktop app provided encryption at rest. I would also think that anyone worried about that level of privacy would be using disappearing messages and/or regularly wiping their history.

    That said, this is just one of the many reasons why whole disk encryption should be the default for all mainstream operating systems today, and why per-app permissions and storage are increasingly important too.

  • ExtremeDullard@lemmy.sdf.org
    link
    fedilink
    arrow-up
    1
    ·
    5 months ago

    Whatever its stores and however it stores it doesn’t matter to me: I moved its storage space to my ~/.Private encrypted directory. Same thing for my browser: I don’t use a master password or rely on its encryption because I set it up so it too saves my profile in the ~/.Private directory.

    See here for more information. You can essentially secure any data saved by any app with eCryptfs - at least when you’re logged out.

    Linux-only of course. In Windows… well, Windows.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      Or ext4 encrytion. Which is overpowered. You can have different keys for different files and directories.

  • HappyTimeHarry@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    That applies to pretty much all desktop apps, your browser profile can be copied to get access to all your already logged in cookie sessions for example.

  • Dem Bosain@midwest.social
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Why is Signal almost universally defended whenever another security flaw is discovered? They’re not secure, they don’t address security issues, and their business model is unsustainable in the long term.

    But, but, if you have malware “you have bigger problems”. But, but, an attacker would have to have “physical access” to exploit this. Wow, such bullshit. Do some of you people really understand what you’re posting?

    But, but, “windows is compromised right out of the box”. Yes…and?

    But, but, “Signal doesn’t claim to be secure”. Fuck off, yes they do.

    But, but, “just use disk encryption”. Just…no…WTF?

    Anybody using Signal for secure messaging is misguided. Any on of your recipients could be using the desktop app and there’s no way to know unless they tell you. On top of that, all messages filter through Signal’s servers, adding a single-point-of-failure to everything. Take away the servers, no more Signal.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      But, but, “just use disk encryption”. Just…no…WTF?

      So not encrypting keys is bad, but actually encrypting them is bad too? Ok.

      Any on of your recipients could be using the desktop app and there’s no way to know unless they tell you.

      Another applefan? How it THIS supposed to be in scope of E2EE? Moreover, how having a way to know if recepient is using desktop app is not opposite of privacy?

      On top of that, all messages filter through Signal’s servers, adding a single-point-of-failure to everything. Take away the servers, no more Signal.

      Indeed. This is why I use Matrix. Also, fuck showing phone numbers to everyone(I heard they did something about it) and registration with phone numbers.

      • Dem Bosain@midwest.social
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Any “secure” so that relies on someone else for security is not secure.

        Fuck the scope of E2EE. Signal makes a lot of claims on their website that are laughable. The desktop app is their main weakness. Attachments are stored unencrypted, keys in plaintext. If they were serious about security, they would depricate the windows app and block it from their servers.

        WTF does Apple have to do with anything?

        • uis@lemm.ee
          link
          fedilink
          arrow-up
          0
          arrow-down
          1
          ·
          5 months ago

          Any “secure” so that relies on someone else for security is not secure.

          Fuck the scope of E2EE.

          When someone has FSB/NSA agent behind them reading messages, no amount of encryption will help. Biggest cybersecurity vulnreability is located between monitor and chair. When you are texting someone else, that someone else’s chair-monitor space is also vulnreable.

          Signal makes a lot of claims on their website that are laughable.

          Well, maybe. I didn’t read their claims, nor I use signal.

          Attachments are stored unencrypted, keys in plaintext.

          Is OS-level encryption plaintext or not? If yes, then they are encrypted, provided user enables such feature in OS. If not - nothing if encrypted fundamentally.

          If they were serious about security, they would depricate the windows app and block it from their servers.

          WTF does Apple have to do with anything?

          You just used applefans’ argument. Yeah, I wonder what.

  • x1gma@lemmy.world
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    edit-2
    5 months ago

    How in the fuck are people actually defending signal for this, and with stupid arguments such as windows is compromised out of the box?

    You. Don’t. Store. Secrets. In. Plaintext.

    There is no circumstance where an app should store its secrets in plaintext, and there is no secret which should be stored in plaintext. Especially since this is not some random dudes random project, but a messenger claiming to be secure.

    Edit: “If you got malware then this is a problem anyway and not only for signal” - no, because if secure means to store secrets are used, than they are encrypted or not easily accessible to the malware, and require way more resources to obtain. In this case, someone would only need to start a process on your machine. No further exploits, no malicious signatures, no privilege escalations.

    “you need device access to exploit this” - There is no exploiting, just reading a file.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      If someone has access to your machine you are screwed anyway. You need to store the encryption key somewhere

      • x1gma@lemmy.world
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        edit-2
        5 months ago

        Yes, in your head, and in your second factor, if possible, keeping derived secrets always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      You. Don’t. Store. Secrets. In. Plaintext.

      SSH stores the secret keys in plaintext too. In a home dir accessible only by the owning user.

      I won’t speak about Windows but on Linux and other Unix systems the presumption is that if your home dir is compromised you’re fucked anyway. Effort should be spent on actually protecting access to the home personal files not on security theater.

        • dave@programming.dev
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          Well yes, but also how would users react if they had to type in their passphrase every time they open the app? This is also exactly what we’re giving up everywhere else by clicking ‘remember this device’.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      5 months ago

      How in the fuck are people actually defending signal for this

      Probably because Android (at least) already uses file-based encryption, and the files stored by apps are not readable by other apps anyways.

      And if people had to type in a password every time they started the app, they just wouldn’t use it.

      • Liz@midwest.social
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        5 months ago

        Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application.

        Emphasis mine.

        • ChapulinColorado@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          I think the point is the developers might have just migrated the code without adjustments since that is how it was implemented before. Similar to how PC game ports sometimes run like shit since they are a close 1-1 of the original which is not always the most optimized or ideal, but the quickest to output.

  • Prethoryn Overmind@lemmy.world
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    5 months ago

    Ah yes, another prime example that demonstrates that Lemmy is no different than Reddit. Everyone thinks they are a professional online.

    Nothing sensitive should ever lack encryption especially in the hands of a third party company managing your data claiming you are safe and your privacy is protected.

    No one is invincible and it’s okay to criticize the apps we hold to high regards. If your are pissed people are shitting on Signal you should be pissed Signal gave people a reason to shit on them.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Where are you going to store the encryption key? At the end of the day the local machine is effectively pwded anyway