📝 Correction | Add warning that Signal stores attachments unencrypted and messages unsafely on desktop #1789
Reference: privacyguides/privacytools.io#1789
Description
As said in signalapp/Signal-Desktop/#2815, Signal-Desktop stores all received attachments, such as photos and videos, unencrypted, and while the messages are encrypted in a database, the decryption key is in plaintext in config.json.
Why I am making the suggestion
I think users should be warned about this because it deviates from the usual behavior of the mobile app.
tbh, Signal encrypts them in transit; if someone gets access to your computer to access the messages, you have got much bigger problems on your hands. There is a reason why disk encryption is becoming more common.
I'm inclined to agree with @blacklight447-ptio
If a user saves a file from the application elsewhere on their machine, it won't be encrypted either unless they were using full disk encryption, e.g. BitLocker, dm-crypt, eCryptfs, FileVault etc.
If the passwords were hashed, then Signal would have to ask for it every time the user opened the app.
We could still put a warning that the app should not be used on a multi-user system that lacks disk encryption. If we did that we'd really have to add warnings to every app that is in this category, which is most of them.
I agree it should not change Signal's "ranking" on PTIO, but I also think this merits a warning, maybe not specific to Signal, BTW, as I think this may affect nearly all software currently presented in Realtime Communications.
Indeed, there's a reason why it's one of the criteria used on the securechatguide listing, and why this was considered a big issue for WhatsApp or Telegram a few years ago until v2 of their protocol, which seems to fix the issue.
Seems like we agree, closing issue.
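The thread above reduces to two separate exposures: a desktop chat client's profile directory readable by other local users, and a database key kept in plaintext in config.json, which file permissions cannot fix and only full-disk encryption (or the application itself) can. The following audit script is an added example written for this page; it is not part of the issue, of PrivacyTools, or of Signal Desktop. The profile layout it uses (a config.json with a "key" field and an "attachments" subdirectory) is an assumption for illustration, not Signal's actual on-disk format, and the sample profile it builds is constructed test data.

```python
"""Audit a desktop chat client's profile directory for the two exposures
discussed in this issue: files readable by other local users, and a
database key kept in plaintext in config.json.

Assumed layout (hypothetical, not Signal Desktop's real format):
  <profile>/config.json          with a top-level "key" field
  <profile>/attachments/<files>  received attachments, unencrypted
"""
import json
import stat
import tempfile
from pathlib import Path

# Assumed field name for the plaintext database key (not taken from Signal).
PLAINTEXT_KEY_FIELDS = ("key",)


def readable_by_others(path: Path) -> bool:
    """True if the group or world read bit is set (POSIX permission bits)."""
    return bool(path.stat().st_mode & (stat.S_IRGRP | stat.S_IROTH))


def audit_profile(profile_dir: Path) -> list[str]:
    """Return human-readable findings; an empty list means nothing was flagged."""
    findings: list[str] = []
    # Exposure 1: any regular file other local users can read.
    for path in sorted(profile_dir.rglob("*")):
        if path.is_file() and readable_by_others(path):
            rel = path.relative_to(profile_dir)
            findings.append(f"{rel}: readable by other local users")
    # Exposure 2: database key present in plaintext in config.json.
    config = profile_dir / "config.json"
    if config.is_file():
        try:
            data = json.loads(config.read_text())
        except json.JSONDecodeError:
            data = {}
        for field in PLAINTEXT_KEY_FIELDS:
            if isinstance(data, dict) and field in data:
                findings.append(
                    f"config.json: database key stored in plaintext under '{field}'"
                )
    return findings


def harden_permissions(profile_dir: Path) -> None:
    """Restrict the profile to its owner: 0700 directories, 0600 files.

    This removes the other-local-user exposure on a multi-user system.  It
    does NOT remove the plaintext-key finding: anyone who can read the disk
    offline (lost laptop, stolen drive) still gets the key, which is why the
    thread points at full-disk encryption as the real mitigation.
    """
    for path in profile_dir.rglob("*"):
        path.chmod(0o700 if path.is_dir() else 0o600)
    profile_dir.chmod(0o700)


def build_sample_profile() -> Path:
    """Construct a deliberately weak sample profile in a temp dir (constructed data)."""
    root = Path(tempfile.mkdtemp(prefix="chat-profile-"))
    (root / "attachments").mkdir()
    (root / "attachments" / "photo.jpg").write_bytes(b"\xff\xd8 constructed jpeg bytes")
    # Constructed dummy key; real deployments would hold a random hex string here.
    (root / "config.json").write_text(json.dumps({"key": "deadbeef" * 8}))
    for path in root.rglob("*"):
        path.chmod(0o755 if path.is_dir() else 0o644)  # typical default umask result
    return root


if __name__ == "__main__":
    profile = build_sample_profile()
    print("Before hardening:", *audit_profile(profile), sep="\n  ")
    harden_permissions(profile)
    print("After hardening:", *audit_profile(profile), sep="\n  ")
```

Run it on a real profile by calling `audit_profile(Path("/path/to/profile"))`; the point of the second audit pass is that one finding survives `harden_permissions`, which is exactly the residual risk the thread decides to document rather than penalise.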