*For notes with freedom, no spying, no tracking, open source, E2EE, and more-visit our sponsor of this video Notesnook:* notesnook.com Also please please leave your thoughts below on the situation, really curious to hear! You all had some great takes on my last video
Hard to match that entirely, I'd personally opt for Matrix as the closest option to that which I've seen. Not perfect but maybe others will have suggestions too :)
@@KingFroglet probably more secure than SMS but less secure than signal. it claims to be E2EE but it's also closed source so nobody can really verify what it's doing exactly. and it's owned by facebook, so take that for what you will.
That one really made me scared. Blocking a security audit is very disturbing. Makes me think signal is being controlled now by the spooks and 3letter boys
Please don't place your in-video captions at the bottom of the screen. For those of us relying on Subtitles to follow the video, it gets hard to read, and we'll need to temporarily turn off subtitles and turn it back again. It's happened a lot of times. Eg: at 4:57.
This has been a ridiculous oversight for many years. Anyone without full disk encryption is at risk of having ALL their messages stolen. It's also noteworthy that any user must also trust their conversation partner to ALSO have good physical security, because messages could be stolen from two sides! What's even more annoying: You cannot change the default directory where the user data is stored! At least brave has a flag that allows you to set the path for user data to a different directory (like a container). No such option for Signal. HUGE oversight. It's actually embarrassing how sloppy this is.
@@arturten8541 The problem is that you need to trust everybody else in your contacts to also use FDE! Worrying about your own threat model is difficult enough, how about worrying about everyone else's?
@@arturten8541 If you happen to get malware on your pc (which is not unthinkable). As they said, it stores the data in a location that's not configurable, where any process running as your user can access it. They need to encrypt it on disk and store the keys in the system keyring, so other applications can't access the data
@@arturten8541 I think FDE might be an issue on Windows, where BitLocker is essentially paywalled behind the Pro edition. As there is only one edition of macOS, and FileVault is heavily promoted in setup, it's less of an issue there,
I can't see any way around the endpoint security problem other than having to provide a password to Signal every time you start it. This is in great conflict with their ease-of-use requirement that's a core of why it's so easy to get people to use Signal. Briar does this, and it's a huge pain. I can see having this as an optional feature that people can turn on. And perhaps that's what they ought to do. Maybe they can think of something more clever than I can. But I would be really surprised if they could, and very eager to see what it was if they did. They did surprise me on just how cleverly they managed the handle issue.
Maybe some sort of a login token that's tied to the PC-s HWID? Migrate the user data to another machine and Signal will ask you to enter the password again.
@user-jl3yv6jl6s - Would you rather have nobody to talk to with Signal, but it also demanded that everybody always enter a password every time? Because that's the choice here. Most people wouldn't use it if that's what they had to do. And Signal's goal has always been really good security that everybody can use at little or no inconvenience to themselves. Most people don't value security nearly as highly as they should, and so if they have to enter a password, they just won't use it. And then you'll never have anybody to talk to on it. That's why I think that if they add a password, they should make it optional.
@@nils9293Take passkeys as the example: - It store the private keys in the TPM chip - Every time you need to retrive the secret, you need to reenter your password Therefore, usability takes a hit
If they did fix it, it was super on the DL. To those on Mac, go into your Keychain and (if running the Signal Beta), you SHOULD see Signal's "safe storage" in the Keychain.
I wouldn't consider this a vulnerability, if an attacker has access to your physical pc unencrypted, or you're infected with malware, your signal is compromised anyway
If you had to unencrypt it at run-time, you could choose to leave it closed and safe whenever, so even if your computer got apprehended while unlocked it the database would've still been more secure.
@@tiagotiagot no. If you have to decrypt it at runtime, and your computer has a loss of physical access (and your disk isn't encrypted, which would mitigate this issue in the first place really), the feds or attacker will just run the program, and it's now decrypted! Not that crazy.
@@kaiduwu I mean you would input password or something of the sort on launch, like how you unlock on your phone. It would useless to encrypt and just store the key in the same place in plain text.
I'm still using Signal, and, like you said, this vulnerability was *known* since 2018, which means those for whom this vulnerability was relevant to their threat model could take steps to mitigate the risk. In other words, Signal didn't hide this vulnerability or try to do some kind of coverup. But, I agree their response hurt people's trust and raises questions about what direction they're going. My solution has been to compartmentalize based on needs. I use Signal and Telegram for different purposes. I identify what my needs are and patch things together. Thankfully my security needs are not as demanding as they were some years ago, but, this is why I didn't use Signal on desktop when this was discovered because my security needs couldn't tolerate that vulnerability.
If they did roll out a fix, either it's not retroactive or it doesn't include all data. I just went and thru the local data store for desktop Signal on my laptop and foundunencrypted copies of image attachments from messages.
"The local security threats on your machine" attitude reminds me of Windows, where Microsoft doesn't care that anyone with physical access can just work around the login since ever.
*When a company is showing you SIGNS like these, it's time to re-evaluate.* This vulnerability being reported YEARS ago and not addressed could lead one to believe this is how Signal could have been keeping this "loophole" open for gov'ts/bad actors to "do their thing" with malware to grab those files, and therefore duplicate a user's Signal. Then Signal can say "Oh! Well that's local security it's the user's fault not ours! Whoops!" This could be how Tucker Carlson's Signal messages were compromised. He mentioned his Signal was "hacked" with no clear signs. This would have been SUPER easy for a gov't or malicious entity to install malware on his computer/phone, extract the files, and clone his Signal. I believe everyone who uses Signal should think twice. There have been so many red flags with Signal over the past few years that should give people pause. Oh and we also have no clue what goes on within Signal's servers/server side so that's always been an issue, but that's a topic for another day.
How do you check if this vulnerability exists on other apps like session and skred for example? And where do you go to see the vulnerabilities of apps?
If Signal isn't concerned about "local" security threats on my machine, then whey can't I export my messages to a local file. At that point it would be my problem to protect them. All I wan't Signal to do is provide point to point security. Let me manage my messages once they get to my computer.
The privacy community definitely needs to hold the people behind Signal accountable in order to maintain staff integrity and a focus on the goal of Signal. Otherwise, all this human error is going to snowball into more technical issues which will snowball into a lot of trust issues. I see absolutely no benefit to this behavior; instead it makes them look immature, it opens up no new opportunities for them, and obviously it is negatively affecting the privacy and security of their own userbase.
@@janice-ld4pf Yes, precisely this. I came here to comment that bad management is not a now issue, it has been since the early days of Signal Foundation with important issues adresses by the community being ignored and whatever crap getting incorporated.
The problem with the people working at Signal is that they're incredibly arrogant and have been this way for years. It's a strange hostility that really makes no sense.
Arrogant because their job is to collect people's information and their arrogant because they're better than you are because they know that only stupid people use this product.
This is very much overblown. Signal has been consistent for years in not prioritising client security her usability. That's why Molly exists on mobile for example. There's simply not that much you can do when the client system is compromised, they can fix this issue, but there's still going to be a thousand other ways you're gonna be able to exploit, unless you make Signal desktop harder to use.
It's not the topic, but watching some clips from the hearings in the US, they pretty quickly started asking about "encrypted communications" and what applications was the guy using. We may see the US government trying to limit availability of encrypted communicators altogether or require backdoors, which would be the same. Wit regards to Signal, I guess they want to focus on online privacy, but it still is weird.
Different take: if they acknowledged it years ago as an out of scope feature request, then that's not 'ignoring a security vuln' for years. This sounds like they don't encrypt the local data on PC, which is only an issue IF your PC is compromised (at which point, keyloggers / screengrabbers / your little brother could make this irrelevant). That said, is it reasonable for enc messengers to encrypt local data? Do other apps?
I think this really highlights the issue yourself and others have been bringing up when it comes to Proton. Whilst Proton have NOTHING to do with this, can you imagine if this was Proton acting this way? And what a state we would be in with people having to switch away from them for Email, Cloud Storage, Calendar, VPN, etc?
I've always had a different problem with signal. You may signal with someone to talk about walking dogs in the park and if they are on a government watch-list, then you just got added to the watch-list because signal is tied to your phone number and you are doing secret conversations with someone they already suspect. And until recently, you had to give out your phone number in order to signal with people. I hardly ever use a phone anyway as desktop is my primary communication tool. Still looking for the zero-knowledge communication tool which I can use from any device and has no requirements to anything physical tracking device such as a phone. Log in only, any device, zero knowledge, and used by everyone, multiple aliases!!!! Maybe someday my wish list will be fulfilled.
Not in any practical sense, no. It would need to have a decent UX, and a lot of these obscure apps that privacy blackpills push as "alternatives" to Signal....aren't.
I'm of 2 minds about this. On one hand, they're right that if someone has direct access to the machine or has it compromised, it literally doesn't matter. But on the other (conspiracy) hand, this vulnerability seems like its being intentionally left open for.....reasons.
Honestly this is just a PR problem rather than a vulnerability problem: Whatsapp also has the exact same issue. They have said multiple times WHY they havent addressed this.
@Everyone - It is not that you or the App will be hacked or leaked - it's when it will happen - make peace with it. Try your best to secure as you seem good or as secure as your IT technology knowledge allow you to you protect your account/information.
Signal response is not the greatest (i would say here it was one of the worst they could do), and that they took so long to fix this. But that's still they are protecting your messages by using end to end encryption between contacts, i would not care because i'm not downloading untrusted software like some pirated games or something but if you install only trusted by you apps then whats the problem. Also if you think your os can spy on you build your own or use something like arch linux and choose what should be on your pc.
Doesn't whatsapp give you notification on your phone when you are using desktop client? That would be a nice feature to add.. Maybe a an option to get warning only if it does not have the same public IP or same /64 for ipv6...
You are essentially demanding that they implement some security by obscurity. Everyone knows that a somehow hidden key would be found little later and you would be among the first to criticize them for faking security in such a way.
I wouldn't trust any message carrier with anything of consequence. Communicate as though everything is compromised. Signal is only good for wishing family happy birthday.
Set disappearing messages and don't say super sensitive things over electronic means that could be used against you. Nothing electronic is going to be 100%.
Why would this be surprising? That folder is the full state of Signal. When you start Signal you don't have to authenticate at all and it gets it's state and saved chats from there. So sure, if you clone it to another machine Signal will happily start up and continue on just as it does on the original one. The only workaround would be for Signal to setup and require a password to be entered every time you start the app. If you're using FDE this seems like a total non-issue. If you aren't, people can bypass your login anyway and start Signal on your own device. You're already vulnerable that way. Or solely run Signal off your mobile devices since they are all FDE and (should) have authentication to unlock.
Signal can store the encryption key in the operating system’s keychain which is the solution they came up with. This *is* surprising because they were storing live access to your account almost unencrypted so anyone can boot up your signal account in a different machines and receive/send messages without your knowledge because they had access to the same unencrypted key. Their fix now encrypts the key. They decided to fix it and you can read how: github.com/signalapp/Signal-Desktop/pull/6849
@@techlore On OSX, great, that's a tiny improvement. On Windows, the keychain is only protecting the key from other user sessions. So for 99.9% of people it offers no real mitigation you didn't already have from Bitlocker. If you're logged in and the screen is unlocked, you are still toast. On Linux, we're back to square 1 anyway depending on desktop env.
@@techlore Doesnt this just move the issue? Like with bitlocker on windows, where the OS has to be able to read the key from somewhere so the user doesnt need to type it in? Even if it was inside a e.g. TPM, the encrypted key has to be stored somewhere for decryption...
@@techlore Great and what stops the attacker from dumping the key directly from memory? This is a minor improvement that helps in some (mostly purely hypothetical) edge cases. Absolutely not worth the fuss you are making about it. If the attacker has a level of access where the operating system does not guarantee separation of privilege, there is nothing an application that exists within this boundary can do.
alternative would be to ask user to login everytime they open app... no thanks.. isn't it just like info-stealer stealing session cookies in chromium ?
There have been some tools to add basic encryption on top of SMS but I don't know of any being actively maintained. Maybe someone else knows of one? As for RCS, the standard itself does not guarantee E2EE and afaik the only person rolling out RCS with E2EE on any kind of large scale is Google within Google Messages (they're using the Signal Protocol for their RCS E2EE)
Silence, but last update from 2019; QKSMS, last update from 2023. Then there's Briar, which is not SMS but can function over BT mesh in case the internet is blocked--it's specifically designed to be as hard to block by governments as possible.
I don't have a specific recommendation for a tool, but you can find an app that works with text strings directly, like an app that encrypts text with a secret key, then just copy and paste the encrypted text into text messages, and your recipient will have to copy paste back into that app with the secret key. you'll have to agree on what the secret key is over a secure channel that the government can't spy on (like in person maybe). I'm sure you could also derive a shared secret over insecure channels using concepts from cryptography (which is really a branch of mathematics), but that is more complicated. Anyone spying on your texts though will see that they look like random characters and are likely encrypted, and that could be used as evidence against you maybe, might be more suspicious than using a popular app like whatsapp. idk how your country's government works.
@@Dionysor I have never heard of this software before today :) . I think Simplex needs internet. My government shut down internet for 5 days few days ago. They might do it again. So , I am looking for an app that can encrypt SMS without the help of internet. :)
This is a unfortunate situation on what happened to Signal. A big breach of trust to their community. Going to be interesting on what people do/migrate over to (if people do at all). Great video, and a great level-headed response! Thank you
There's really no other legit option other than WhatsApp, if we're being honest. Session may indeed be a more private solution, for example. It also happens to be a more private solution *that nobody uses* so it isn't a valid alternative.
How exactly is this an issue? Someone would not only have to get their hands on those files, but also be able to log in to your personal account. If that happens you have far more issues than signal because they'd have direct access to your entire system. Do you prefer the idea of people losing all their messages if they move to a new system?
You’re missing the attack. The encryption key not being protected and someone being able to have a LIVE signal client that receives/sends messages without you knowing is actually pretty terrifying IMHO. They don’t need to log in. The folder includes your data unencrypted and just the folder itself will ‘log you in’ It’s grabbing a folder and then having a new device added to the account without the person knowing. As for losing messages on a new system, this is already the default for signal.
Session is more private and definitely more serious about their app than Signal. The Signal organisation may very well be on a downhill path, the proof is already in their behaviour. Very hard to change that once it roots, you are wasting time by staying with them.
I really hope this doesn't get "fixed" because I'd literally lose access to my account. I lost access to my phone number (and the mobile app) 2 years ago and I've been actively using this method to restore my Signal data whenever I reinstall my OS. As a user I expect applications to behave like this. If I backup my data and restore it, any application should behave as if I'm simply continuing to use it and nothing ever happened. That's the whole point. If an attacker gains access to the user's Signal data directory, that's an issue completely unrelated to Signal.
Signal org needs to spend more money on PR and PMs, simply because they have a proven track record of shitty PR, and then the task prioritization, my god, developing shit new features while core tasks such as this one remain open.
Signal isn't "compromised". It's just vulnerable to a particular threat that, in truth, is really hard to protect against. Maybe the organization hasn't responded to that vulnerability in the best way, but it isn't like some magic code is just going to fix it.
This behavior reminds me of online engagements grapheneos had in the past. Although there was no vulnerability to speak of, it negatively affected how much people trusted the OS. Now if Signal is behaving this way against people pointing out/criticizing their existing/persisting vulnerabilities - there is NO question they are a honeypot. The actual question is did they intend to become a honeypot, or they just don’t feel like taking actions that would stop them from being a honeypot. It’s like Signal top brass is saying to us “you think we are a honeypot? Ok, so what?” These people are funny.
Android only. And would suffer the same vulnerability if you were to link a desktop device to Molly. (and yes I enjoy Molly too, but I don’t think it’s necessarily a solution to the problem in its current state)
I actually decided to stop using Signal a few months ago. Then I found out about this. Given the instability I had personally observed? I won't be going back. I don't trust the President. I'm a Mac user. This is not cool. It shows a lax attitude towards data security. I also have other reasons not to use it but this whole situation sucks.
The main problem with the OpenSource community is economics. Their business model sucks because it’s based on socialism, which means the developers don’t get properly compensated for their work. So what that does is opens it up for greed where an outside source could dump money into the organization secretly, while implementing code changes or lack there of that keeps vulnerabilities in place, which essentially turns that formerly ‘SECURE’ app into a honeypot for hackers and 3 letter Alphabet Agencies.
*For notes with freedom, no spying, no tracking, open source, E2EE, and more-visit our sponsor of this video Notesnook:* notesnook.com
Also please please leave your thoughts below on the situation, really curious to hear! You all had some great takes on my last video
Hard to match that entirely, I'd personally opt for Matrix as the closest option to that which I've seen. Not perfect but maybe others will have suggestions too :)
@@KingFroglet probably more secure than SMS but less secure than signal. it claims to be E2EE but it's also closed source so nobody can really verify what it's doing exactly. and it's owned by facebook, so take that for what you will.
Talk about what's the next best email other than proton mail that's using crypto
Looks a lot like Obsidian. Can it be used offline?
This problem is present in whatsapp as well as telegram.
Ghosting then blocking a experience security researcher is a giant red flag for a Signal company.
That one really made me scared. Blocking a security audit is very disturbing. Makes me think signal is being controlled now by the spooks and 3letter boys
Please don't place your in-video captions at the bottom of the screen. For those of us relying on Subtitles to follow the video, it gets hard to read, and we'll need to temporarily turn off subtitles and turn it back again.
It's happened a lot of times. Eg: at 4:57.
This has been a ridiculous oversight for many years.
Anyone without full disk encryption is at risk of having ALL their messages stolen. It's also noteworthy that any user must also trust their conversation partner to ALSO have good physical security, because messages could be stolen from two sides!
What's even more annoying: You cannot change the default directory where the user data is stored! At least brave has a flag that allows you to set the path for user data to a different directory (like a container). No such option for Signal. HUGE oversight. It's actually embarrassing how sloppy this is.
Which messenger is better?
Just do full disk encryption. What is the problem?
@@arturten8541 The problem is that you need to trust everybody else in your contacts to also use FDE!
Worrying about your own threat model is difficult enough, how about worrying about everyone else's?
@@arturten8541 If you happen to get malware on your pc (which is not unthinkable). As they said, it stores the data in a location that's not configurable, where any process running as your user can access it. They need to encrypt it on disk and store the keys in the system keyring, so other applications can't access the data
@@arturten8541 I think FDE might be an issue on Windows, where BitLocker is essentially paywalled behind the Pro edition.
As there is only one edition of macOS, and FileVault is heavily promoted in setup, it's less of an issue there,
I can't see any way around the endpoint security problem other than having to provide a password to Signal every time you start it. This is in great conflict with their ease-of-use requirement that's a core of why it's so easy to get people to use Signal.
Briar does this, and it's a huge pain.
I can see having this as an optional feature that people can turn on. And perhaps that's what they ought to do. Maybe they can think of something more clever than I can. But I would be really surprised if they could, and very eager to see what it was if they did. They did surprise me on just how cleverly they managed the handle issue.
There's something like TPM on most modern devices that can store private keys safely.
SimpleX does this
Maybe some sort of a login token that's tied to the PC-s HWID? Migrate the user data to another machine and Signal will ask you to enter the password again.
@user-jl3yv6jl6s - Would you rather have nobody to talk to with Signal, but it also demanded that everybody always enter a password every time? Because that's the choice here. Most people wouldn't use it if that's what they had to do. And Signal's goal has always been really good security that everybody can use at little or no inconvenience to themselves.
Most people don't value security nearly as highly as they should, and so if they have to enter a password, they just won't use it. And then you'll never have anybody to talk to on it.
That's why I think that if they add a password, they should make it optional.
@@nils9293Take passkeys as the example:
- It store the private keys in the TPM chip
- Every time you need to retrive the secret, you need to reenter your password
Therefore, usability takes a hit
If they did fix it, it was super on the DL. To those on Mac, go into your Keychain and (if running the Signal Beta), you SHOULD see Signal's "safe storage" in the Keychain.
Thanks for the attention to this topic.
Meredith is more concerned about collecting awards for herself as an activist against AI, than actually doing anything of significance with Signal.
Meri also has many enemies in very high places, from Google to the arms industry.
I wouldn't consider this a vulnerability, if an attacker has access to your physical pc unencrypted, or you're infected with malware, your signal is compromised anyway
If you had to unencrypt it at run-time, you could choose to leave it closed and safe whenever, so even if your computer got apprehended while unlocked it the database would've still been more secure.
@@tiagotiagot no. If you have to decrypt it at runtime, and your computer has a loss of physical access (and your disk isn't encrypted, which would mitigate this issue in the first place really), the feds or attacker will just run the program, and it's now decrypted! Not that crazy.
@@kaiduwu I mean you would input password or something of the sort on launch, like how you unlock on your phone. It would useless to encrypt and just store the key in the same place in plain text.
@@tiagotiagot more of a nice feature request than a security vulnerability
@@kaiduwu Security by layers. The more hoops an attacker has to jump thru, the smaller the odds an attack will succeed.
I'm still using Signal, and, like you said, this vulnerability was *known* since 2018, which means those for whom this vulnerability was relevant to their threat model could take steps to mitigate the risk. In other words, Signal didn't hide this vulnerability or try to do some kind of coverup. But, I agree their response hurt people's trust and raises questions about what direction they're going.
My solution has been to compartmentalize based on needs. I use Signal and Telegram for different purposes. I identify what my needs are and patch things together.
Thankfully my security needs are not as demanding as they were some years ago, but, this is why I didn't use Signal on desktop when this was discovered because my security needs couldn't tolerate that vulnerability.
Bro, pls make 2024 best messengers comparison pls!
SimpleX looks like a good Signal replacement in the future.
If they did roll out a fix, either it's not retroactive or it doesn't include all data. I just went and thru the local data store for desktop Signal on my laptop and foundunencrypted copies of image attachments from messages.
"The local security threats on your machine" attitude reminds me of Windows, where Microsoft doesn't care that anyone with physical access can just work around the login since ever.
*When a company is showing you SIGNS like these, it's time to re-evaluate.*
This vulnerability being reported YEARS ago and not addressed could lead one to believe this is how Signal could have been keeping this "loophole" open for gov'ts/bad actors to "do their thing" with malware to grab those files, and therefore duplicate a user's Signal. Then Signal can say "Oh! Well that's local security it's the user's fault not ours! Whoops!"
This could be how Tucker Carlson's Signal messages were compromised. He mentioned his Signal was "hacked" with no clear signs. This would have been SUPER easy for a gov't or malicious entity to install malware on his computer/phone, extract the files, and clone his Signal.
I believe everyone who uses Signal should think twice. There have been so many red flags with Signal over the past few years that should give people pause.
Oh and we also have no clue what goes on within Signal's servers/server side so that's always been an issue, but that's a topic for another day.
How do you check if this vulnerability exists on other apps like session and skred for example?
And where do you go to see the vulnerabilities of apps?
@@DarkGhostHacker by not blocking top security researchers from your github and X page
then which app should we use ?
The takeaway is use disk encryption
local malware doesn't care about your FDE
Thank you, very wise and prudent approach to a topic that's becoming tabu. Being anti-signal is becoming the new being anti-American
If Signal isn't concerned about "local" security threats on my machine, then whey can't I export my messages to a local file. At that point it would be my problem to protect them. All I wan't Signal to do is provide point to point security. Let me manage my messages once they get to my computer.
The privacy community definitely needs to hold the people behind Signal accountable in order to maintain staff integrity and a focus on the goal of Signal. Otherwise, all this human error is going to snowball into more technical issues which will snowball into a lot of trust issues. I see absolutely no benefit to this behavior; instead it makes them look immature, it opens up no new opportunities for them, and obviously it is negatively affecting the privacy and security of their own userbase.
If you sit still in the dark and say "Moxie Marlinspike" 7 times, he'll materialize and unf00k this situation. It is known.
@@janice-ld4pf Yes, precisely this. I came here to comment that bad management is not a now issue, it has been since the early days of Signal Foundation with important issues adresses by the community being ignored and whatever crap getting incorporated.
I think you did it really well, just tell us the truth and put it into context for us, thanks!
The problem with the people working at Signal is that they're incredibly arrogant and have been this way for years.
It's a strange hostility that really makes no sense.
Arrogant because their job is to collect people's information and their arrogant because they're better than you are because they know that only stupid people use this product.
Great video! Thanks for raising awareness about this topic.
This is very much overblown. Signal has been consistent for years in not prioritising client security her usability. That's why Molly exists on mobile for example.
There's simply not that much you can do when the client system is compromised, they can fix this issue, but there's still going to be a thousand other ways you're gonna be able to exploit, unless you make Signal desktop harder to use.
Or just use Session.
It's not the topic, but watching some clips from the hearings in the US, they pretty quickly started asking about "encrypted communications" and what applications was the guy using. We may see the US government trying to limit availability of encrypted communicators altogether or require backdoors, which would be the same.
Wit regards to Signal, I guess they want to focus on online privacy, but it still is weird.
@@SixStringUk We absolutely will start to see Congress use the assassination attempt as a way to rekindle their love of mass surveillance.
Different take: if they acknowledged it years ago as an out of scope feature request, then that's not 'ignoring a security vuln' for years.
This sounds like they don't encrypt the local data on PC, which is only an issue IF your PC is compromised (at which point, keyloggers / screengrabbers / your little brother could make this irrelevant).
That said, is it reasonable for enc messengers to encrypt local data? Do other apps?
I think this really highlights the issue yourself and others have been bringing up when it comes to Proton. Whilst Proton have NOTHING to do with this, can you imagine if this was Proton acting this way? And what a state we would be in with people having to switch away from them for Email, Cloud Storage, Calendar, VPN, etc?
I've always had a different problem with signal. You may signal with someone to talk about walking dogs in the park and if they are on a government watch-list, then you just got added to the watch-list because signal is tied to your phone number and you are doing secret conversations with someone they already suspect. And until recently, you had to give out your phone number in order to signal with people. I hardly ever use a phone anyway as desktop is my primary communication tool.
Still looking for the zero-knowledge communication tool which I can use from any device and has no requirements to anything physical tracking device such as a phone. Log in only, any device, zero knowledge, and used by everyone, multiple aliases!!!! Maybe someday my wish list will be fulfilled.
Not in any practical sense, no. It would need to have a decent UX, and a lot of these obscure apps that privacy blackpills push as "alternatives" to Signal....aren't.
Session X might be good for your use case. I've personally never used it though.
I'm of 2 minds about this. On one hand, they're right that if someone has direct access to the machine or has it compromised, it literally doesn't matter. But on the other (conspiracy) hand, this vulnerability seems like its being intentionally left open for.....reasons.
Honestly this is just a PR problem rather than a vulnerability problem: Whatsapp also has the exact same issue.
They have said multiple times WHY they havent addressed this.
I heard that Proton bought Standard Notes, which is end to end encrypted.
i still wish they hadn't dropped sms support was such an obvious and easy onramp for many
@Everyone - It is not that you or the App will be hacked or leaked - it's when it will happen - make peace with it. Try your best to secure as you seem good or as secure as your IT technology knowledge allow you to you protect your account/information.
Threema?
Signal response is not the greatest (i would say here it was one of the worst they could do), and that they took so long to fix this.
But that's still they are protecting your messages by using end to end encryption between contacts, i would not care because i'm not downloading untrusted software like some pirated games or something but if you install only trusted by you apps then whats the problem. Also if you think your os can spy on you build your own or use something like arch linux and choose what should be on your pc.
Anyone worth worrying about has a way around Signal. There is no trustworthy, secure way to communicate with a smartphone.
Doesn't whatsapp give you notification on your phone when you are using desktop client?
That would be a nice feature to add.. Maybe a an option to get warning only if it does not have the same public IP or same /64 for ipv6...
Why did they block the researcher that is the bigger issue here.
You are essentially demanding that they implement some security by obscurity. Everyone knows that a somehow hidden key would be found little later and you would be among the first to criticize them for faking security in such a way.
bro just dont loose youre phone. I still feel safer to have my phone and my messages on my personal device rather then storing em on their server.
Love seeing sponsorships like this.
What do you think of migrating your Signal account to Molly?
just use matrix
so the desktop version is not secured or just the whole system?
Windows v
@@lussor1 means I can continue using mobile app.
@@ashish_prajapati_trThe mobile app, especially on iOS, is aggressively sandboxed. Mobile is not impacted by this,
loving the flurry of uploads, thanks henry! been watching since 2018 and happy to be on this journey with you
Eeeee aw it means so much to still have you around after so long
@@techlore my pleasure :D would be curious to learn more about the differences between notesnook and, e.g., standard notes.
@@persistenthomologyCurious about NotesNook as well!
Very well thought through essay, i do agree with your points, especially that Signal should be criticized for sloppy behavior
I wouldn't trust any message carrier with anything of consequence. Communicate as though everything is compromised. Signal is only good for wishing family happy birthday.
This isn't at all a problem.
Does this means I can clone whatsapp into an VM without having to do their trash device reconnect every few days? That's an actual useful bug.
Set disappearing messages and don't say super sensitive things over electronic means that could be used against you. Nothing electronic is going to be 100%.
Why would this be surprising? That folder is the full state of Signal. When you start Signal you don't have to authenticate at all and it gets it's state and saved chats from there. So sure, if you clone it to another machine Signal will happily start up and continue on just as it does on the original one.
The only workaround would be for Signal to setup and require a password to be entered every time you start the app.
If you're using FDE this seems like a total non-issue. If you aren't, people can bypass your login anyway and start Signal on your own device. You're already vulnerable that way. Or solely run Signal off your mobile devices since they are all FDE and (should) have authentication to unlock.
This. Dont like how Signal responds to this but they did (imo) nothing wrong...
Signal can store the encryption key in the operating system’s keychain which is the solution they came up with. This *is* surprising because they were storing live access to your account almost unencrypted so anyone can boot up your signal account in a different machines and receive/send messages without your knowledge because they had access to the same unencrypted key.
Their fix now encrypts the key. They decided to fix it and you can read how:
github.com/signalapp/Signal-Desktop/pull/6849
@@techlore On OSX, great, that's a tiny improvement. On Windows, the keychain is only protecting the key from other user sessions. So for 99.9% of people it offers no real mitigation you didn't already have from Bitlocker. If you're logged in and the screen is unlocked, you are still toast. On Linux, we're back to square 1 anyway depending on desktop env.
@@techlore Doesnt this just move the issue?
Like with bitlocker on windows, where the OS has to be able to read the key from somewhere so the user doesnt need to type it in?
Even if it was inside a e.g. TPM, the encrypted key has to be stored somewhere for decryption...
@@techlore Great and what stops the attacker from dumping the key directly from memory? This is a minor improvement that helps in some (mostly purely hypothetical) edge cases. Absolutely not worth the fuss you are making about it. If the attacker has a level of access where the operating system does not guarantee separation of privilege, there is nothing an application that exists within this boundary can do.
Is Signal really open source though?
alternative would be to ask user to login everytime they open app... no thanks..
isn't it just like info-stealer stealing session cookies in chromium ?
Btw, is there any way to encrypt SMS? My government blocks internet sometimes and they spy a lot!
There have been some tools to add basic encryption on top of SMS but I don't know of any being actively maintained. Maybe someone else knows of one? As for RCS, the standard itself does not guarantee E2EE and afaik the only person rolling out RCS with E2EE on any kind of large scale is Google within Google Messages (they're using the Signal Protocol for their RCS E2EE)
Silence, but last update from 2019; QKSMS, last update from 2023. Then there's Briar, which is not SMS but can function over BT mesh in case the internet is blocked--it's specifically designed to be as hard to block by governments as possible.
I don't have a specific recommendation for a tool, but you can find an app that works with text strings directly, like an app that encrypts text with a secret key, then just copy and paste the encrypted text into text messages, and your recipient will have to copy paste back into that app with the secret key. you'll have to agree on what the secret key is over a secure channel that the government can't spy on (like in person maybe).
I'm sure you could also derive a shared secret over insecure channels using concepts from cryptography (which is really a branch of mathematics), but that is more complicated.
Anyone spying on your texts though will see that they look like random characters and are likely encrypted, and that could be used as evidence against you maybe, might be more suspicious than using a popular app like whatsapp. idk how your country's government works.
Does your government block SimpleX? I'm curious
@@Dionysor I have never heard of this software before today :) . I think Simplex needs internet. My government shut down internet for 5 days few days ago. They might do it again. So , I am looking for an app that can encrypt SMS without the help of internet. :)
Molly FOSS?
Great vid.. why the Headphones?
That’s honestly a great question
You can’t fix a bad corporate culture.
What's better?
This is a unfortunate situation on what happened to Signal. A big breach of trust to their community. Going to be interesting on what people do/migrate over to (if people do at all). Great video, and a great level-headed response! Thank you
There's really no other legit option other than WhatsApp, if we're being honest.
Session may indeed be a more private solution, for example. It also happens to be a more private solution *that nobody uses* so it isn't a valid alternative.
How exactly is this an issue? Someone would not only have to get their hands on those files, but also be able to log in to your personal account. If that happens you have far more issues than signal because they'd have direct access to your entire system. Do you prefer the idea of people losing all their messages if they move to a new system?
You’re missing the attack. The encryption key not being protected and someone being able to have a LIVE signal client that receives/sends messages without you knowing is actually pretty terrifying IMHO. They don’t need to log in. The folder includes your data unencrypted and just the folder itself will ‘log you in’ It’s grabbing a folder and then having a new device added to the account without the person knowing. As for losing messages on a new system, this is already the default for signal.
@@techlore Switch to Session, perhaps.
Just don‘t use the desktop version.
Session is more private and definitely more serious about their app than Signal. The Signal organisation may very well be on a downhill path, the proof is already in their behaviour. Very hard to change that once it roots, you are wasting time by staying with them.
I really hope this doesn't get "fixed" because I'd literally lose access to my account. I lost access to my phone number (and the mobile app) 2 years ago and I've been actively using this method to restore my Signal data whenever I reinstall my OS.
As a user I expect applications to behave like this. If I backup my data and restore it, any application should behave as if I'm simply continuing to use it and nothing ever happened. That's the whole point.
If an attacker gains access to the user's Signal data directory, that's an issue completely unrelated to Signal.
Molly practically solves this issue
5:51 you mean back to Facebook
Good video.
Oh no, first Proton and now Signal.
It seems now to get any privacy with a "normie" threat model is alot harder.
Ahhh man, dont scare me like that, good that is threat that dosent bother me personally, i hope in future they will not go bad way
this just seems like drama to me. I'll keep using it
Now at Ody subbed!
Signal org needs to spend more money on PR and PMs, simply because they have a proven track record of shitty PR, and then the task prioritization, my god, developing shit new features while core tasks such as this one remain open.
Session is better than Signal
True. Learning curve is steep tho.
ofcourse
It is. But I wish Session had the option to set a custom background. At least Signal does this on the mobile version of the app.
It seems that every product nowadays is compromised.
Signal isn't "compromised". It's just vulnerable to a particular threat that, in truth, is really hard to protect against. Maybe the organization hasn't responded to that vulnerability in the best way, but it isn't like some magic code is just going to fix it.
Sounds like a company that cant be trusted
This behavior reminds me of online engagements grapheneos had in the past. Although there was no vulnerability to speak of, it negatively affected how much people trusted the OS.
Now if Signal is behaving this way against people pointing out/criticizing their existing/persisting vulnerabilities - there is NO question they are a honeypot. The actual question is did they intend to become a honeypot, or they just don’t feel like taking actions that would stop them from being a honeypot. It’s like Signal top brass is saying to us “you think we are a honeypot? Ok, so what?”
These people are funny.
switch to session y’all
*iMessage + Advanced Data Protection is the way.*
and you think it's private?? i rather use whatsapp
signal uses us government code
You can always just email through e.g. Tuta or Proton...
That would require both parties to use the same service as tuta is only encrypted with other tuta
Lol not a chance
Has someone audited Notesnook code? How about Signal? Is it open source and audited? If it’s open source, then why not patch it yourself?
She just needs a cigarette
I knew it, it was designed to be spied by govt from the start ahahahah 😂
Uh, no. But sure. This isn't the "honeypot" smoking gun people desperately want it to be.
hmmm 🤔
the only "trust" issue i see is in the user.
Molly looks good - an independent fork of signal
Android only. And would suffer the same vulnerability if you were to link a desktop device to Molly. (and yes I enjoy Molly too, but I don’t think it’s necessarily a solution to the problem in its current state)
drugs are bad though
I don't understand how you suppose to protect user from the threats on his own machine. You are not antivirus, you are messenger
why is every "encrypted" service and "vpn" service essentially a honey pot? seems silly that we just blindly trust the founders
non-English speaker here. waht's tldr
“Too Long Didn’t Read” - It means the summary of something that takes a long time to explain in detail.
Years ago I was going to switch to Signal but only had 3 contacts there. So, I returned to WhatsApp. 😅
Old and outdated information.
I actually decided to stop using Signal a few months ago. Then I found out about this. Given the instability I had personally observed? I won't be going back. I don't trust the President. I'm a Mac user. This is not cool. It shows a lax attitude towards data security.
I also have other reasons not to use it but this whole situation sucks.
briar sisters
It glows like proton
And I'm certainly not trusting your wisdom.
What in the skibidi
how does this guy have less than 1k views but 228k subs???
big deal j.d. vance type
@@quicksitewhy??
The main problem with the OpenSource community is economics. Their business model sucks because it’s based on socialism, which means the developers don’t get properly compensated for their work. So what that does is opens it up for greed where an outside source could dump money into the organization secretly, while implementing code changes or lack there of that keeps vulnerabilities in place, which essentially turns that formerly ‘SECURE’ app into a honeypot for hackers and 3 letter Alphabet Agencies.
This has nothing to do with Signal. They have a small, tight-knit dev team which make 6 figure salaries. They’re phenomenal devs.
this isn't a big deal AT ALL
Why do you say that?
It's a pot of something sweet and sticky.