This is a good article. A lot of other apps have the same problem. I think it is important that apps have a security threat matrix.
Many people don’t realize what is really private, and what isn’t. As in a phone conversation, it isn’t known what you are talking about, but who you are talking with is known. Is that the full definition of privacy? No. People also don’t full understand how metadata can be collected and used. Many people don’t understand the risk of a server being hacked. If a server can be blocked/censored, I would imagine a server be spoofed is plausible too.
Many people hear “secure” or E2EE. But they do not realize that applies to the transmission of your message. That doesn’t mean it is stored on your device encrypted and secure, nor does it mean stored on someone’s else device is encrypted and secure. Some say it isn’t necessary because if your device is compromised, then so would any app security. But I doubt those same people leave their password database unencrypted.
This is an forensic analysis, meaning this is research into what police etc. needs to do when they want to ex-filtrate data from confiscated or otherwise compromised devices.
I am a bit torn on such kind of research. Obviously it isn’t done to improve security, but at least when it is openly published like this it can help app developers to look into potential security issues.
At the very least it helps to make people aware that these days a compromised device is often the most dangerous data-leak (at least for activists) and Signal for example does not help against that type of tread at all, in fact due to it’s use of phone numbers as identifiers it is a huge risk factor.
Most people do not want privacy, they want fully anonymity. They mix these things.
yep, but not only decentralized, I remember the issue about a company claiming they could extract Signal messages from the phone, if they were able to overcome the phone encryption (easily if the phone is unencrypted, though I believe LOS AOSP in general don’t allow unencrypted phones fro quite some time now)…
I’m wondering if p2p app also suffer the same. I honestly have no clue, but I would guess it should be the same, unless you provide a decrypting password or mechanism any time you open the app, to decrypt keys keeping the contents encryupted (supposing it keeps some sort of agent when opening, so you don’t need to keep decrypting the keys while the app is open)… Perhaps they don’t do it by default, but AFAIK, briar, jami, antox and triffa were not having content encrypted in the phone, and I’m not sure if there was an option to opt-in for such encryption…
Going back to xmpp, the same mentioned on the post, applies to the desktop apps, for example, I’m not awae of Dino, Gajim or Kaidan encrypting local content… I’m wondering if there are apps doing that by default, and perhaps without opt-out mechanisms…
That’s why both, the phones and the desktops/laptops/mobile/etc, require to have the storage encrypted. And even though the storage is encrypted, all private keys (GPG and/or SSH) must be encrypted as well. There are people keeping private keys unencrypted, for convenience I’d guess, but that’s really bad if the device keeping them is compromised…
In brief, I’m not aware of apps, phone or desktop, which besides doing e2ee for content transmission, they keep all local content encrypted. Not sure if there are some which can do it by setting some preferences, but if there are, please share which ones, :) Thanks !