Intrinsically/semantically no but the expectation is that the texts are encrypted at rest and the keys are password and/or tpm+biometric protected. That’s just how this works at this point. Also that’s the government standard for literally everything from handheld devices to satellites (yes, actually).
At this point one of the most likely threat vectors is someone just taking your shit. Things like border crossings, rubber stamped search warrants, cops raid your house because your roommate pissed them off, protests, needing to go home from work near a protest, on and on.
If the stored data from signal is encrypted and the keys are not protected than that is the security risk that can be mitigated using common tools that every operating system provides.
You’re defending signal from a point of ignorance. This is a textbook risk just waiting for a series of latent failures to allow leaks or access to your “private” messages.
There are many ways attackers can dump files without actually having privileged access to write to or read from memory. However, that’s a moot point as neither you nor I are capable of enumerating all potential attack vectors and risks. So instead of waiting for a known failure to happen because you are personally “confident” in your level of technological omnipotence, we should instead not be so blatantly arrogant and fill the hole waiting to be used.
Also this is a common problem with framework provided solutions:
This is such a common problem that it has been abstracted into apis for most major desktop frameworks. And every major operating system provides a key ring like service for this purpose.
Because this is a common hole in your security model.
Having Signal fill in gaps for what the OS should be protecting is just going to stretch Signal more than it already does. I would agree that if Signal can properly support that kind of protection on EVERY OS that its built for, go for it. But this should be an OS level protection that can be offered to Signal as an app, not the other way around.
Having Signal fill in gaps for what the OS should be protecting is just going to stretch Signal more than it already does. I would agree that if Signal can properly support that kind of protection on EVERY OS that its built for, go for it. But this should be an OS level protection that can be offered to Signal as an app, not the other way around.
Damn reading literacy has gone downhill these days.
Please reread my post.
But this should be an OS level protection that can be offered to Signal as an app, not the other way around.
OSs provide keyring features already
The framework signal uses (electron) has a built in API for this EXACT NEED
Cmon, you can do better than this, this is just embarrassing.
TPM isn’t all that reliable. You will have people upgrading their pc, or windows update updating their bios, or any number of other reasons reset their tpm keys, and currently nothing will happen. In effect people would see Signal completely break and loose all their data, often seemingly for no reason.
Talking to windows or through it to the TPM also seems sketchy.
In the current state of Windows, the sensible choice is to leave hardware-based encryption to the OS in the form of disk encryption, unfortunate as it is. The great number of people who loose data or have to recover their backup disk encryption key from their Microsoft account tells how easily that system is disturbed (And that Microsoft has the decryption keys for your encrypted date).
E2EE is not supposed to protect if device get compromised.
One could argue that Windows is compromised right out of the box.
Source:
source: 93% of ransomware are windows based
Correlation is not causation.
Causation was never stated nor implied
99% of people in France are French
Therefore France is french righr out of box
BUT WHAT OF QUEBEC
This is a bad argument. They go after the most popular OS. You go for the largest attack vector. More target attacks happen too time look at Stuxnet.
It’s like saying man dies in car accident. Well duh you could have gotten hit by a car or been in a car or man dies from going outside.
Also systemd and Wayland are making Linux way less unix like and kind of suck. I can’t grep this shit like the olden days
Microsoft are integrating adware and spyware straight into the os.
Source:
Try setup fresh windows 11 system.
I don’t understand how that would prove anything.
“The computer” decides when to install updates and which ones to install.
Intrinsically/semantically no but the expectation is that the texts are encrypted at rest and the keys are password and/or tpm+biometric protected. That’s just how this works at this point. Also that’s the government standard for literally everything from handheld devices to satellites (yes, actually).
At this point one of the most likely threat vectors is someone just taking your shit. Things like border crossings, rubber stamped search warrants, cops raid your house because your roommate pissed them off, protests, needing to go home from work near a protest, on and on.
If your device is turned on and you are logged in, your data is no longer at rest.
Signal data will be encrypted if your disk is also encrypted.
If your device’s storage is not encrypted, and you don’t have any type of verified boot process, then thats on you, not Signal.
That’s not how this works.
If the stored data from signal is encrypted and the keys are not protected than that is the security risk that can be mitigated using common tools that every operating system provides.
You’re defending signal from a point of ignorance. This is a textbook risk just waiting for a series of latent failures to allow leaks or access to your “private” messages.
There are many ways attackers can dump files without actually having privileged access to write to or read from memory. However, that’s a moot point as neither you nor I are capable of enumerating all potential attack vectors and risks. So instead of waiting for a known failure to happen because you are personally “confident” in your level of technological omnipotence, we should instead not be so blatantly arrogant and fill the hole waiting to be used.
Also this is a common problem with framework provided solutions:
https://www.electronjs.org/docs/latest/api/safe-storage
This is such a common problem that it has been abstracted into apis for most major desktop frameworks. And every major operating system provides a key ring like service for this purpose.
Because this is a common hole in your security model.
Having Signal fill in gaps for what the OS should be protecting is just going to stretch Signal more than it already does. I would agree that if Signal can properly support that kind of protection on EVERY OS that its built for, go for it. But this should be an OS level protection that can be offered to Signal as an app, not the other way around.
Damn reading literacy has gone downhill these days.
Please reread my post.
Cmon, you can do better than this, this is just embarrassing.
Why exactly am I re-reading your post? Im in complete agreement with you? Should I not be?
True.
How motherboard refusing to boot from another drive would protect anything?
Its more about protecting your boot process from malware.
TPM isn’t all that reliable. You will have people upgrading their pc, or windows update updating their bios, or any number of other reasons reset their tpm keys, and currently nothing will happen. In effect people would see Signal completely break and loose all their data, often seemingly for no reason.
Talking to windows or through it to the TPM also seems sketchy.
In the current state of Windows, the sensible choice is to leave hardware-based encryption to the OS in the form of disk encryption, unfortunate as it is. The great number of people who loose data or have to recover their backup disk encryption key from their Microsoft account tells how easily that system is disturbed (And that Microsoft has the decryption keys for your encrypted date).
Plaintext should never be used in any application that deals with security, ever.
Oh no, tell that to SSH.
unless you’re reading ciphertext yourself, this doesn’t make sense
It doesn’t use plain text. It is end to end encrypted but that isn’t what this “issue” is
Mfw end to end can be compromised at the end.
That said, they should fix this anyway
Indeed, End-to-End Encryption protects data between those ends, not ends themselves. If ends are compromised, no math will help you.