[messaging] encryption of Signal notification messages

Nick Badger nbadger1 at gmail.com
Mon Feb 22 14:38:53 PST 2016


> and the other one is to send the message itself (as a plaintext!) to the
push servers (Apple APNS, Google GCM and even (if used) 3rd party services
like Amazon SNS)

Can anyone confirm that this is, in fact, the app's behavior, and that it's
not using the push server to call a local display or something? I'm not
hugely familiar with mobile deployment, and I've never used the push
servers. I know you could register a service on the phone, but I don't know
if the notification could tie into it. Regardless, it strikes me as odd
that a team as capable as Open Whisper would put such a large
not-end-to-end hole in an app whose explicit purpose (for many) is
end-to-end security.


Nick Badger
https://www.ethyr.net
https://www.muterra.io
http://www.nickbadger.com
PGP fingerprint 37B9 22FC 2E47 50AA E06B 9CEC FB65 8930 46F0 333A, listed
at MIT <https://pgp.mit.edu/> and PGP <http://keyserver.pgp.com/>

On Mon, Feb 22, 2016 at 2:32 PM, Halil Kemal Taşkın <haliko87 at gmail.com>
wrote:

> Besides your communication with your partner, there is another issue
> here; the servers in the middle.
> Actually, Signal can encrypt everything end-to-end between you and your
> partner.
> The interesting point here is the push notification service. So, when you
> write a message and touch the send button, the application mainly does two
> things, one is to encrypt the message with the end-to-end encryption
> protocol signal uses (as expected) and the other one is to send the
> message itself (as a plaintext!) to the push servers (Apple APNS,
> Google GCM and even (if used) 3rd party services like Amazon SNS) to
> show the notification on your partner's screen. This actually damages
> the end-to-end encryption fashion of the application.
> And, even if you set your app not to show the content in the
> notification center, you don't guarantee that the plaintext
> version of your message is not sent to the push servers.
>
> Regards,
> --
> Halil Kemal TASKIN
>
>
>
> 2016-02-23 0:20 GMT+02:00 Nick Badger <nbadger1 at gmail.com>:
> > +1 to Tony and Felix. From my perspective this is pretty cut and dried. You
> > have no control over your conversation partner's tech configuration. If they
> > choose to display your name and the content of the message in lock screen
> > notifications, then that's their decision and there's nothing you can (or
> > should be able to) do to change that. If you're worried about that being
> > incriminating, and you don't trust them to avoid such plaintext
> > notifications, then you've just implied you don't trust their opsec enough
> > to communicate with them at all.
> >
> > Also as a reminder, Signal uses an open protocol. I could write my own
> > client that publishes every message I receive onto my personal webpage.
> > Either you trust someone enough to talk to them, or you don't!
> >
> >
> > Nick Badger
> > https://www.ethyr.net
> > https://www.muterra.io
> > http://www.nickbadger.com
> > PGP fingerprint 37B9 22FC 2E47 50AA E06B 9CEC FB65 8930 46F0 333A,
> > listed at MIT and PGP
> >
> > On Mon, Feb 22, 2016 at 2:13 PM, Chris Johnson <captain.slim at gmail.com>
> > wrote:
> >>
> >> > How do you ensure your communication partner locks their phone?
> >>
> >> Good point, though I think it's a reasonably safe bet that someone who
> >> uses Signal to communicate locks their phone.
> >>
> >>
> >> On Mon, Feb 22, 2016 at 5:09 PM Felix Eckhofer <felix at tribut.de> wrote:
> >>>
> >>> Hey.
> >>>
> >>> On 22.02.2016 23:00, Chris Johnson wrote:
> >>> > that. I'd like to know that when I send someone a message, only he
> >>> > can read it, but when messages might be pushed to the lock screen
> >>> > of a locked phone,
> >>>
> >>> How do you ensure your communication partner locks their phone?
> >>>
> >>>
> >>> felix
> >>> _______________________________________________
> >>> Messaging mailing list
> >>> Messaging at moderncrypto.org
> >>> https://moderncrypto.org/mailman/listinfo/messaging
> >>
> >>
> >>
> >
> >
> >
>
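What Nick asks about at the top of this message, a push that only tells the phone to fetch and display the message locally, set beside the design Halil describes in the quoted message, where the push payload carries the text. This is an added illustration and not Signal's code; it says nothing about what the app actually does. The E2E cipher is an HMAC-SHA256 stream cipher plus MAC standing in for the real protocol, and the provider, messaging server, sender name and session key are constructed stand-ins.

```python
"""Two ways a messenger can drive notifications through a third-party push
service such as APNS, GCM or SNS.  Added illustration, not Signal's code: the
E2E cipher is an HMAC-SHA256 stream cipher plus MAC standing in for the real
protocol, and the provider, server and session key are constructed stand-ins."""
import hashlib
import hmac
import secrets

# Constructed: the key the two clients share after their E2E handshake.
SESSION_KEY = secrets.token_bytes(32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; only ever used with a fresh random nonce."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def e2e_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag; the tag covers nonce and ciphertext."""
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def e2e_decrypt(key: bytes, blob: bytes) -> bytes:
    """Verifies the tag before touching the ciphertext; raises on any change."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("ciphertext tag mismatch")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def tamper_rejected(key: bytes, blob: bytes) -> bool:
    """Flip one ciphertext bit and report whether decryption refuses it."""
    flipped = blob[:16] + bytes([blob[16] ^ 1]) + blob[17:]
    try:
        e2e_decrypt(key, flipped)
        return False
    except ValueError:
        return True


class PushProvider:
    """Stand-in for APNS/GCM/SNS: relays each payload and keeps a copy of it."""

    def __init__(self):
        self.relayed = []

    def send(self, payload: dict, on_push) -> None:
        self.relayed.append(payload)
        on_push(payload)


class MessagingServer:
    """Stand-in for the messaging service: holds only ciphertext, keyed by id."""

    def __init__(self):
        self.inbox = {}

    def store(self, ciphertext: bytes) -> str:
        msg_id = secrets.token_hex(8)
        self.inbox[msg_id] = ciphertext
        return msg_id


class Receiver:
    """The recipient's app; `shown` is what ends up in the notification."""

    def __init__(self, key: bytes, server: MessagingServer):
        self.key, self.server, self.shown = key, server, []

    def on_push(self, payload: dict) -> None:
        if "body" in payload:
            # Design A: the provider handed us the text, so it saw the text too.
            self.shown.append(payload["body"])
        else:
            # Design B: the push is only a wake-up; fetch the ciphertext and decrypt here.
            ciphertext = self.server.inbox[payload["data"]["id"]]
            self.shown.append(e2e_decrypt(self.key, ciphertext).decode())


def deliver(plaintext: str, content_free: bool) -> tuple:
    """Send one message; return (text shown to recipient, whether the provider saw it)."""
    server, provider = MessagingServer(), PushProvider()
    receiver = Receiver(SESSION_KEY, server)
    msg_id = server.store(e2e_encrypt(SESSION_KEY, plaintext.encode()))
    if content_free:
        payload = {"data": {"type": "new_message", "id": msg_id}}   # opaque id only
    else:
        payload = {"title": "alice", "body": plaintext}              # constructed sender
    provider.send(payload, receiver.on_push)
    leaked = any(plaintext in str(p) for p in provider.relayed)
    return receiver.shown[-1], leaked


if __name__ == "__main__":
    print(deliver("meet at 9", content_free=False))  # ('meet at 9', True)
    print(deliver("meet at 9", content_free=True))   # ('meet at 9', False)
```

Both designs put the same text on the recipient's screen; the difference is only in what the push provider is able to log. With the content-free payload it learns an opaque id and the fact that a message arrived, and whether the recipient hides notification contents changes nothing about that. With the body in the payload it holds the plaintext no matter what the recipient's notification settings are, which is the distinction Halil draws in the quoted message.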