Signal under fire for storing encryption keys in plaintext on desktop app

E2EE is not supposed to protect if device get compromised.

Summary:

• Signal's desktop app stores encryption keys for chat history in plaintext, making them accessible to any process on the system
• Researchers were able to clone a user's entire Signal session by copying the local storage directory, allowing them to access the chat history on a separate device
• This issue was previously highlighted in 2018, but Signal has not addressed it, stating that at-rest encryption is not something the desktop app currently provides
• Some argue this is not a major issue for the "average user", as other apps also have similar security shortcomings, and users concerned about security should take more extreme measures
• However, others believe this is a significant security flaw that undermines Signal's core promise of end-to-end encryption
• A pull request was made in April 2023 to implement Electron's safeStorage API to address this problem, but there has been no follow-up from Signal

How in the fuck are people actually defending signal for this, and with stupid arguments such as windows is compromised out of the box?

You. Don't. Store. Secrets. In. Plaintext.

There is no circumstance where an app should store its secrets in plaintext, and there is no secret which should be stored in plaintext. Especially since this is not some random dudes random project, but a messenger claiming to be secure.

Edit: "If you got malware then this is a problem anyway and not only for signal" - no, because if secure means to store secrets are used, than they are encrypted or not easily accessible to the malware, and require way more resources to obtain. In this case, someone would only need to start a process on your machine. No further exploits, no malicious signatures, no privilege escalations.

"you need device access to exploit this" - There is no exploiting, just reading a file.

While it would certainly be nice to see this addressed, I don't recall Signal ever claiming their desktop app provided encryption at rest. I would also think that anyone worried about that level of privacy would be using disappearing messages and/or regularly wiping their history.

That said, this is just one of the many reasons why whole disk encryption should be the default for all mainstream operating systems today, and why per-app permissions and storage are increasingly important too.

That applies to pretty much all desktop apps, your browser profile can be copied to get access to all your already logged in cookie sessions for example.

Sure, I was aware. You have the same problem with ssh keys, gpg keys and many other things

Why is Signal almost universally defended whenever another security flaw is discovered? They're not secure, they don't address security issues, and their business model is unsustainable in the long term.

But, but, if you have malware "you have bigger problems". But, but, an attacker would have to have "physical access" to exploit this. Wow, such bullshit. Do some of you people really understand what you're posting?

But, but, "windows is compromised right out of the box". Yes...and?

But, but, "Signal doesn't claim to be secure". Fuck off, yes they do.

But, but, "just use disk encryption". Just...no...WTF?

Anybody using Signal for secure messaging is misguided. Any on of your recipients could be using the desktop app and there's no way to know unless they tell you. On top of that, all messages filter through Signal's servers, adding a single-point-of-failure to everything. Take away the servers, no more Signal.

Ah yes, another prime example that demonstrates that Lemmy is no different than Reddit. Everyone thinks they are a professional online.

Nothing sensitive should ever lack encryption especially in the hands of a third party company managing your data claiming you are safe and your privacy is protected.

No one is invincible and it's okay to criticize the apps we hold to high regards. If your are pissed people are shitting on Signal you should be pissed Signal gave people a reason to shit on them.

The backlash is extremely idiotic. The only two options are to store it in plaintext or to have the user enter the decryption key every time they open it. They opted for the more user-friendly option, and that is perfectly okay.

If you are worried about an outsider extracting it from your computer, then just use full disk encryption. If you are worried about malware, they can just keylog you when you enter the decryption key anyways.

The real problem is that the security model for apps on mobile is much better than that for apps on desktop. Desktop apps should all have private storage that no other non-root app can access. And while we're at it, they should have to ask permission before activating the mic or camera.

Bruh windows and linux have a secrets vault (cred manager and keyring respectively, iirc) for this exact purpose.

Even Discord uses it on both OSs no problem

There is just no excuse for not even salting or SOMETHING to keep the secrets out of plaintext. The reason you don't store in plaintext is because it can lead to even incidental collection. Say you have some software, perhaps spyware, perhaps it's made by a major corporation so doesn't get called that and it crawls around and happens to upload a copy of a full or portion of the file containing this info, now it's been uploaded and compromised potentially not even by a malicious actor successfully gaining access to a machine but by poor practices.

No it can't stop a sophisticated malware specifically targeting Signal to steal credentials and gain access but it does mean casual malware that hasn't taken the time out to write a module to do that is out of luck and increases the burden on attackers. No it won't stop the NSA but it's still something that it stops someone's 17 year old niece who knows a little bit about computers but is no malware author from gaining access to your signal messages and account because she could watch a youtube video and follow along with simple tools.

The claims Signal is an op or the runner is under a national security letter order to compromise it look more and more plausible in light of weird bad basic practices like this and their general hostility. I'll still use it and it's far from the worst looking thing out there but there's something unshakably weird about the lead dev, their behavior and practices that can't be written off as being merely a bit quirky.

This just in: threat actors compromising your devices is bad. More at 11.

This shows an incredibly cavalier approach to security on the part of the team working on signal.

I have three things to say:

1. Everyone, please make sure you've set up sound disk encryption
2. That's not a suprise (for me at least)
3. It's not much different on mobile (db is unecrypted) - check out molly (signal fork) if you want to encrypt it. However encrypted db means no messages until you decrypt it.

Whatever its stores and however it stores it doesn't matter to me: I moved its storage space to my ~/.Private encrypted directory. Same thing for my browser: I don't use a master password or rely on its encryption because I set it up so it too saves my profile in the ~/.Private directory.

See here for more information. You can essentially secure any data saved by any app with eCryptfs - at least when you're logged out.

Linux-only of course. In Windows... well, Windows.

They could just add a password

Alternative headline: Someone has a feature request for Signal which would be of interest to a few people with very specific security needs.

Wire does this too :/

Does anyone know how iMessage handles this on desktop (on Macs) as they (as far as I know) upgraded their encryption recently?

Can we please all just acknowledge that desktop operating systems absolutely suck (in regards to security)?

dawg what the shitfuck

So many better standards like XMPP and IRC yet people use Signal and Telegram. I hate marketing.

Signal has so many red flags that I'm beginning to wonder if it is a honeypot.

You are telling me this has been going on for almost a decade now, and no one ever noticed ?

So we trust open source apps under the premise that if malicious code gets added to the code, at least one person will notice ? Here it shows that years pass before anyone notices and millions of people's communications could have been compromised by the world's most trusted messaging app.

I don't know which app to trust after this, if any?