• communism
    link
    fedilink
    arrow-up
    7
    arrow-down
    2
    ·
    4 months ago

    It’s not a bad feature to ensure that eg if there’s a malicious process running on your computer it can’t send all your signal data to whomever

    • kbal@fedia.io
      link
      fedilink
      arrow-up
      7
      arrow-down
      6
      ·
      4 months ago

      Needing to enter a secure passphrase each time you want to use signal in exchange for one more fragile layer of defence for that one part of your data in a scenario that would normally mean you’ve already lost unless you’re running a super-secure compartmentalized operating system like qubes or something is probably not worth it for most people.

      • communism
        link
        fedilink
        arrow-up
        5
        arrow-down
        3
        ·
        4 months ago

        I already enter a passphrase every time I want to use Signal; I use the Molly client on my phone. It’s really not a big deal. I also enter a passphrase every time I launch my password manager, every time I launch my two-factor authentication app on my phone, and every time I open my email client. I think it’s fairly standard to protect sensitive data on your computer with encryption at rest and to decrypt it upon launching the application that handles the data.

        • refalo@programming.dev
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          4 months ago

          It’s really not a big deal

          For most casual users, it is a deal-breaker. And it’s hard to get everyday people to use your software with roadblocks like that.

          every time I open my email client.

          You must not get email very often, this is absolutely a non-starter for me.

          • communism
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            4 months ago

            For most casual users, it is a deal-breaker. And it’s hard to get everyday people to use your software with roadblocks like that.

            That’s fair enough, but the way the mobile app works is that you can opt in to having encryption at rest with a passphrase, so if you want to leave your signal database unencrypted you can.

            You must not get email very often, this is absolutely a non-starter for me.

            Once you open it you can leave it open if you need notifications. Sometimes I leave it open, sometimes I just want to check my emails and then close it. Idk, I really think typing in a password for authentication/decryption regularly is such a non-issue, like for instance do you not regularly type in a password when you run a command with sudo? Again, if it’s opt-in I also don’t see the issue, except for the issue of allowing people to not encrypt their Signal data thus potentially compromising the people they’re messaging, but obviously that issue is currently universal for Signal desktop.

        • kbal@fedia.io
          link
          fedilink
          arrow-up
          4
          arrow-down
          1
          ·
          edit-2
          4 months ago

          Huh. I would’ve thought most desktop users just leave it running all day long like I do. Obviously there is the disk encryption passphrase at boot, adding another one for signal would in my case be redundant.

          But the point is not only how easy it is to enter a passphrase, but also how much security that actually gains you. I don’t think it does much on the typical desktop, be it windows or linux, where there are so many ways to escalate or persist privilege for anyone that has user-level access.

          • refalo@programming.dev
            link
            fedilink
            arrow-up
            5
            ·
            4 months ago

            I would’ve thought most desktop users just leave it running all day long like I do.

            They do. OP is not a normal user.

          • communism
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            4 months ago

            Obviously there is the disk encryption passphrase at boot, adding another one for signal would in my case be redundant.

            I also have full disk encryption, but I still have some databases on my disk encrypted because I decrypt my disk when I boot my computer. But yeah if you have Signal open (& its db decrypted) all the time it would probably be minimal. I don’t have Signal open all the time though, only when I want to check messages or am actively using it

            I don’t think it does much on the typical desktop, be it windows or linux, where there are so many ways to escalate or persist privilege for anyone that has user-level access.

            The point would be encryption, even the root user wouldn’t be able to read encrypted data if they don’t have the passphrase

            • kbal@fedia.io
              link
              fedilink
              arrow-up
              4
              arrow-down
              1
              ·
              4 months ago

              If you have root, intercepting all the user’s keystrokes is trivial.

        • tmpod@lemmy.ptM
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          4 months ago

          This has nothing to do with the mobile app, which also has password/biometric unlocking, it’s about the desktop electron app.

          • communism
            link
            fedilink
            arrow-up
            2
            ·
            4 months ago

            I know. I never said it was about the mobile app?

            • kbal@fedia.io
              link
              fedilink
              arrow-up
              1
              arrow-down
              3
              ·
              4 months ago

              You did but it says “desktop” right in the page title.

              • communism
                link
                fedilink
                arrow-up
                2
                ·
                4 months ago

                I’m now genuinely not sure what you’re saying. I did what? I said it was about the mobile app? I didn’t say it was about the mobile app?

                • kbal@fedia.io
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  3
                  ·
                  edit-2
                  4 months ago

                  If I’m not mistaken you were talking about how things work “on my phone” but I suppose you had in mind that the principle would apply to desktop as well.

                  In practice it does somewhat come down to how well containerized and locked-down the environment is, so I think the difference does matter. Android for instance sucks in very many ways, but it’s somewhat reliable in usually keeping apps from interfering with each other. There are a few desktops that try to do that, but they’re still not too popular I think. Desktop users are used to having full control of everything. Seems to me the pervasive compartmentalization of everything (it wouldn’t be sufficient for the purposes we’re talking about to put only Signal in a secure container) is accepted as necessary on mobile devices mostly because so many of the apps are terrible.

                  • communism
                    link
                    fedilink
                    arrow-up
                    4
                    ·
                    4 months ago

                    If I’m not mistaken you were talking about how things work “on my phone” but I suppose you had in mind that the principle would apply to desktop as well.

                    Yes, I was using it as a comparator as an example as to why it’s not a big deal to type a password every time you open an app, which I don’t think is any different between mobile and desktop.