📝 Correction | Add warning that Signal stores attachments unencrypted and messages unsafely on desktop #1789
Description
As said in signalapp/Signal-Desktop/#2815, Signal-Desktop stores all received attachments, such as photos and videos, unencrypted, and while the messages are encrypted in a database, the decryption key is in plaintext in config.json.
Why I am making the suggestion
I think users should be warned about this because it deviates from the usual behavior of the mobile app.
tbh, Signal encrypts them in transit; if someone gets access to your computer to access the messages, you have got much bigger problems on your hands. There is a reason why disk encryption is becoming more common.
I'm inclined to agree with @blacklight447-ptio
If a user saves a file from the application elsewhere on their machine, it won't be encrypted either unless they were using full disk encryption, e.g. BitLocker, dm-crypt, eCryptfs, FileVault etc.
If the passwords were hashed, then Signal would have to ask for it every time the user opened the app.
We could still put a warning that the app should not be used on a multi-user system that lacks disk encryption. If we did that we'd really have to add warnings to every app that is in this category, which is most of them.
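The point in the comment above about hashed passwords is the usual trade-off between a key stored on disk and a key derived from a passphrase at launch. The following is an added illustration, not code from the thread or from Signal-Desktop, and it assumes a simplified config format; the plaintext-key layout mirrors what the issue says about config.json, the alternative stores only PBKDF2 parameters plus an HMAC check value so the key never touches disk but the user must type the passphrase every time.

```python
"""Added illustration: a database key written in the clear beside the
encrypted database (the pattern the thread describes for config.json)
versus a key derived from a user passphrase on every launch.
All names, formats and values here are constructed for the example."""
import hashlib
import hmac
import json
import secrets

KEY_LEN = 32          # 256-bit database key
ITERATIONS = 200_000  # assumed PBKDF2 work factor for the illustration


# --- Pattern the thread describes: the key itself is stored in the config ---

def write_plaintext_key_config(db_key: bytes) -> str:
    """Config file in which the database key sits in plaintext.
    Anyone who can read the file has the key; no secret is required."""
    return json.dumps({"key": db_key.hex()})


def read_plaintext_key_config(config_text: str) -> bytes:
    """Recover the key from the config alone."""
    return bytes.fromhex(json.loads(config_text)["key"])


# --- Alternative: derive the key from a passphrase, store only KDF params ---

def derive_key(passphrase: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA256 turns a passphrase and a stored salt into the key.
    The key exists only in memory while the application runs."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations, dklen=KEY_LEN
    )


def key_check_value(key: bytes) -> str:
    """HMAC over a fixed label: lets the app reject a wrong passphrase
    without writing the key, or anything that reveals it, to disk."""
    return hmac.new(key, b"key-check", "sha256").hexdigest()


def write_passphrase_config(passphrase: str, salt: bytes = b"") -> str:
    """Only non-secret KDF parameters and the check value reach the disk."""
    salt = salt or secrets.token_bytes(16)
    key = derive_key(passphrase, salt)
    return json.dumps({
        "kdf": "pbkdf2-hmac-sha256",
        "salt": salt.hex(),
        "iterations": ITERATIONS,
        "check": key_check_value(key),
    })


def passphrase_is_correct(config_text: str, passphrase: str) -> bool:
    """Constant-time comparison of the check value for the given passphrase."""
    cfg = json.loads(config_text)
    key = derive_key(passphrase, bytes.fromhex(cfg["salt"]), cfg["iterations"])
    return hmac.compare_digest(key_check_value(key), cfg["check"])


def unlock(config_text: str, passphrase: str) -> bytes:
    """Runs on every launch (the cost the comment mentions): re-derives the
    key from the passphrase, or raises if the passphrase is wrong."""
    if not passphrase_is_correct(config_text, passphrase):
        raise ValueError("wrong passphrase")
    cfg = json.loads(config_text)
    return derive_key(passphrase, bytes.fromhex(cfg["salt"]), cfg["iterations"])


if __name__ == "__main__":
    db_key = secrets.token_bytes(KEY_LEN)
    cfg_plain = write_plaintext_key_config(db_key)
    # The config file alone is enough to recover the key.
    assert read_plaintext_key_config(cfg_plain) == db_key

    cfg_kdf = write_passphrase_config("correct horse battery staple")
    # No key material in the file; the passphrase is needed at each launch.
    assert '"key"' not in cfg_kdf
    print("unlocked:", unlock(cfg_kdf, "correct horse battery staple").hex())
```

The check value is the same idea that encrypted-database layers use to detect a bad passphrase before touching ciphertext; it reveals nothing about the key, but the cost is the prompt on every start that the comment above points out, which is why disk encryption is the usual answer for desktop clients rather than a per-app passphrase.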
I agree it should not change Signal's "ranking" on PTIO, but I also think this merits a warning, maybe not specific to Signal BTW, as I think this may affect nearly all software currently presented in Realtime communications.
Indeed, there's a reason why it's one of the criteria used on the securechatguide listing, and why this was considered a big issue for WhatsApp or Telegram a few years ago until v2 of their protocol, which seems to fix the issue.
Seems like we agree, closing issue.