Comment by novia
2 years ago
If anyone wants to help me add the thinnest layer of security possible to the signal desktop app please reach out to me. It needs the option to use a pin to unlock, like, yesterday.
As it stands, if you let someone use your computer and you have signal desktop, they can see all your E2E texts. Desktop computer sharing is much more common than the devs acknowledge. Also there have been several high profile cases of federal agents squatting on a confiscated laptop, keeping it awake and eavesdropping on signal group chats without the other participants’ knowledge. See the evidence in the FTX trial as a recent example.
I'm a python programmer, and I have zero experience changing the internals of an electron app, but this is a big deal to me.
If the feds have you device, they have everything, regardless of how hard you try to lock it down. Not worth even considering how to keep them out because you're simply not going to.
Also consider that, a sufficiently motivated private threat actor is likely going to break a pin, there's not enough entropy there, or they'll hit you with a $10 harbor freight pipe wrench until you tell them the pin.
For everything else, bitlocker, LUKS, or equivalent is more than sufficient and battle tested for those uses. Yes there are ways of breaking both, conditional on XYZ, etc, but, they're good enough. It does force you to multiboot, but that's good practice anyway, no reason someone using your computer should be using your root partition in 2024.
Ugh. I shouldn't have even mentioned the feds. This isn't threat actor level stuff. The thing that bothers me is that if I let a non-technical user onto my computer to do something like write an essay for school, they might stumble upon some messages that should have been private. There's zero protection. That's why I called adding a pin the thinnest possible level of security.
It might not please you to learn that Signal Desktop stores your messages in a trivially-read SQLite database. But it may prevent you from trying to lock the client with a pin.
https://www.alexbilz.com/post/2021-06-07-forensic-artifacts-...
Basically, Signal Desktop is a gaping security hole. That's why I said only the thinnest possible level of security.
There is a universal way of fixing this for all your desktop apps: locm your computer. It works similar to locking your phone: when it's locked, you have to first unlock it with a password or something, in order to start using the decide and it's apps again. As long as it's locked, all your data is protected.
Personal computers are big. They don't fit in your pocket. They don't lock when you hit a small button on the side. They are often shared. Your argument about locking down the whole computer is brought up every time someone wants this feature. The reality is, we want signal to be an application that anyone can use. Not everyone is a single male with enough income to have their own private computer.
So what about your mail client, team chat app, browser (with all your accounts logged in to your sites), terminal, and all your files and network mounts?
I would rather make this a feature of your desktop environment / window manager. Then you have this functionality for all apps, and the apps themselves don't have to make that functionality.
Edit: actually maybe what you're looking for is to have multiple accounts on one computer. Then every user has their own desktop environment with their own apps and data and apps are not shared among users.
2 replies →
Computers have keyboard shortcuts for locking. Some even have dedicated/configurable single buttons for locking, so they are just as easy to lock as phones are IMO.