Comment by ctrlp
8 months ago
It would be interesting and valuable to have additional security controls in Signal group chats. It's frustrating that the platform is so feature limited.
8 months ago
It would be interesting and valuable to have additional security controls in Signal group chats. It's frustrating that the platform is so feature limited.
Can you expand on what you'd like to see?
Some layer of ACL and better controls over group membership and message visibility. In this case, if it were an inadvertent added member, then there could be a group/role level restrictions on channels that restrict members from a pool of approved members depending on the security context. Classic security stuff, really. I'm sure others could think of more interesting use cases, but preventing mistaken group adds feels like low-hanging fruit.
Yeah, that's what I thought you meant. This situation is what MAC and specifically MLS are actually for, so that exactly this doesn't happen. There must be mobile devices and texting apps that actually support that but as far as I understand it Android is very far from being able to implement that kind of policy (despite heavy use of SELinux).
It's actually weird we don't see this in the corporate world either. These problems, as many of us know personally, exist everywhere, not just at the White House and it's going to lead to huge issues down the road.
Anyone here know if the DoD actually has their own stuff for this? It was they who came up with these technologies back in the rainbow books days.
1 reply →