• kbal@fedia.io
    link
    fedilink
    arrow-up
    14
    arrow-down
    13
    ·
    edit-2
    6 months ago

    Alternative headline: Someone has a feature request for Signal which would be of interest to a few people with very specific security needs.

    • AbidanYre@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      3
      ·
      6 months ago

      You mean the types of people who would use signal to communicate with others?

    • communism@lemmy.ml
      link
      fedilink
      arrow-up
      7
      arrow-down
      2
      ·
      6 months ago

      It’s not a bad feature to ensure that eg if there’s a malicious process running on your computer it can’t send all your signal data to whomever

      • kbal@fedia.io
        link
        fedilink
        arrow-up
        7
        arrow-down
        6
        ·
        6 months ago

        Needing to enter a secure passphrase each time you want to use signal in exchange for one more fragile layer of defence for that one part of your data in a scenario that would normally mean you’ve already lost unless you’re running a super-secure compartmentalized operating system like qubes or something is probably not worth it for most people.

        • communism@lemmy.ml
          link
          fedilink
          arrow-up
          5
          arrow-down
          3
          ·
          6 months ago

          I already enter a passphrase every time I want to use Signal; I use the Molly client on my phone. It’s really not a big deal. I also enter a passphrase every time I launch my password manager, every time I launch my two-factor authentication app on my phone, and every time I open my email client. I think it’s fairly standard to protect sensitive data on your computer with encryption at rest and to decrypt it upon launching the application that handles the data.

          • refalo@programming.dev
            link
            fedilink
            arrow-up
            6
            ·
            edit-2
            6 months ago

            It’s really not a big deal

            For most casual users, it is a deal-breaker. And it’s hard to get everyday people to use your software with roadblocks like that.

            every time I open my email client.

            You must not get email very often, this is absolutely a non-starter for me.

            • communism@lemmy.ml
              link
              fedilink
              arrow-up
              3
              arrow-down
              1
              ·
              6 months ago

              For most casual users, it is a deal-breaker. And it’s hard to get everyday people to use your software with roadblocks like that.

              That’s fair enough, but the way the mobile app works is that you can opt in to having encryption at rest with a passphrase, so if you want to leave your signal database unencrypted you can.

              You must not get email very often, this is absolutely a non-starter for me.

              Once you open it you can leave it open if you need notifications. Sometimes I leave it open, sometimes I just want to check my emails and then close it. Idk, I really think typing in a password for authentication/decryption regularly is such a non-issue, like for instance do you not regularly type in a password when you run a command with sudo? Again, if it’s opt-in I also don’t see the issue, except for the issue of allowing people to not encrypt their Signal data thus potentially compromising the people they’re messaging, but obviously that issue is currently universal for Signal desktop.

          • kbal@fedia.io
            link
            fedilink
            arrow-up
            4
            arrow-down
            1
            ·
            edit-2
            6 months ago

            Huh. I would’ve thought most desktop users just leave it running all day long like I do. Obviously there is the disk encryption passphrase at boot, adding another one for signal would in my case be redundant.

            But the point is not only how easy it is to enter a passphrase, but also how much security that actually gains you. I don’t think it does much on the typical desktop, be it windows or linux, where there are so many ways to escalate or persist privilege for anyone that has user-level access.

            • refalo@programming.dev
              link
              fedilink
              arrow-up
              5
              ·
              6 months ago

              I would’ve thought most desktop users just leave it running all day long like I do.

              They do. OP is not a normal user.

            • communism@lemmy.ml
              link
              fedilink
              arrow-up
              3
              arrow-down
              1
              ·
              edit-2
              6 months ago

              Obviously there is the disk encryption passphrase at boot, adding another one for signal would in my case be redundant.

              I also have full disk encryption, but I still have some databases on my disk encrypted because I decrypt my disk when I boot my computer. But yeah if you have Signal open (& its db decrypted) all the time it would probably be minimal. I don’t have Signal open all the time though, only when I want to check messages or am actively using it

              I don’t think it does much on the typical desktop, be it windows or linux, where there are so many ways to escalate or persist privilege for anyone that has user-level access.

              The point would be encryption, even the root user wouldn’t be able to read encrypted data if they don’t have the passphrase

              • kbal@fedia.io
                link
                fedilink
                arrow-up
                4
                arrow-down
                1
                ·
                6 months ago

                If you have root, intercepting all the user’s keystrokes is trivial.

          • tmpod@lemmy.ptM
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            6 months ago

            This has nothing to do with the mobile app, which also has password/biometric unlocking, it’s about the desktop electron app.

              • kbal@fedia.io
                link
                fedilink
                arrow-up
                1
                arrow-down
                3
                ·
                6 months ago

                You did but it says “desktop” right in the page title.

                • communism@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  6 months ago

                  I’m now genuinely not sure what you’re saying. I did what? I said it was about the mobile app? I didn’t say it was about the mobile app?

                  • kbal@fedia.io
                    link
                    fedilink
                    arrow-up
                    1
                    arrow-down
                    3
                    ·
                    edit-2
                    6 months ago

                    If I’m not mistaken you were talking about how things work “on my phone” but I suppose you had in mind that the principle would apply to desktop as well.

                    In practice it does somewhat come down to how well containerized and locked-down the environment is, so I think the difference does matter. Android for instance sucks in very many ways, but it’s somewhat reliable in usually keeping apps from interfering with each other. There are a few desktops that try to do that, but they’re still not too popular I think. Desktop users are used to having full control of everything. Seems to me the pervasive compartmentalization of everything (it wouldn’t be sufficient for the purposes we’re talking about to put only Signal in a secure container) is accepted as necessary on mobile devices mostly because so many of the apps are terrible.