The messaging app Signal has been in the news. It all started when Swift developer Pedro José Pereira Vieito revealed that the ChatGPT app for Mac OS saved the conversations in plain text on the user’s computer. If the user’s computer was infected with spyware, there was nothing to stop the spyware from reading historical ChatGPT conversations (see Vieito’s demonstration video on Threads).
On the Fourth of July, security duo Mysk noticed that Signal’s Mac OS app suffered from a similar problem. Signal does encrypt the locally stored messages, but the app does so to no avail. Signal saves the encryption key in plaintext next to the encrypted database. Attachments such as images and audio clips are also stored unencrypted. As with the ChatGPT app, this means that a spyware program can steal all the information.
The encrypted database and encryption key are stored next to each other. The folder is accessible to any app running on the Mac. How could such a blunder be approved by an open-source project reviewed by many experts?
– Mysk on Mastodon (2024-07-07)
Mysk also discovered that access to the poorly protected data was all that was needed to clone an existing Signal installation. Mysk cloned the data from his computer into a virtual machine and immediately started receiving messages in the cloned Signal installation. Some messages arrived at the original computer while other messages arrived at the virtual machine. This suggests that the Signal infrastructure saw the original installation and its clone as the same Signal installation.
Messages were either delivered to the Mac or to the VM. The iPhone received all messages. All of the three sessions were live and valid.
– Mysk on Mastodon (2024-07-05)
Worst of all, the cloned installation never showed up in the linked devices overview.
Signal didn’t warn me of the existence of the third session [that I cloned]. Moreover, Signal on the iPhone still shows one linked device. This is particularly dangerous because any malicious script can do the same to seize a session.
– Mysk on Mastodon (2024-07-05)
No backdoor but poor design
Mysk beat the drum and urged his followers on Mastodon and X not to install the Mac OS app. The security duo wrote that the app was not secure. Around social media, the flaws were magnified and began to be called everything from “vulnerabilities” to “backdoors”.
The highlighted flaws are neither vulnerabilities nor backdoors. In order for the flaws to be exploited, the computer must be infected, i.e. the computer must be running spyware. If one party’s computer is infected, it is impossible, regardless of the app, to guarantee the confidentiality and accuracy of the messages being transmitted.
That said, Signal’s Mac OS app is still an example of poor security design. The Mac OS offers several security-enhancing features that the Signal app developers have (deliberately) ignored, including the ability to store the encryption key in the Keychain instead of in plaintext among the user files.
A Mac OS app will never be as secure as an iOS app, but the developers of a security-critical app like Signal should still take advantage of all the security enhancements the operating system offers.
To make matters worse, the flaws and opportunities for improvement have been known for years. When the flaws were pointed out in 2018, a Signal representative responded that Signal Desktop did not aim to offer, nor was it ever claimed to offer, encryption of the locally stored data (see Signal forum post).
It remains unclear why Signal developers prioritized features such as stories over updating the desktop app to follow best practices. Fortunately, the storm of criticism paid off and the Signal developers have set out to fix the deficiencies pointed out (see Protect database encryption key with Electron safeStorage API). Signal’s CEO, Meredith Whittaker, has also responded to the criticism in a post on Mastodon.
Recommendations
There is no doubt that Signal’s mobile app is more secure than its desktop app for Mac OS, Windows and Linux. Investigative journalists, freedom fighters, dissidents and other vulnerable groups should therefore, depending on the threat, consider avoiding the desktop app until the flaws are fixed. If these groups use the desktop app and become infected, their messages may fall into the wrong hands (although a user whose computer is infected is likely to have bigger problems on their hands).
If someone can access your filesystem, you have bigger problems to worry about.
– Jurre van Bergen (Amnesty International Tech) on X (2024-07-06)
As usual, the alternatives must also be weighed. Avoiding the desktop app should not lead users to switch to less secure chat apps that do not even fully encrypt conversations. Such apps risk both leaking data as it is being transmitted and leaking data in case one of the parties to the conversation gets their computer infected. As mentioned above, no app can completely protect against the latter.
However, one lesson everyone should learn is to always disconnect a linked computer if malware is detected on it. This prevents potential spies from continuing to exploit cloned installations.
As a user, you can view and change your linked devices by opening the mobile app, clicking on your profile picture and selecting Linked Devices. Should your antivirus program detect a spyware program on your computer, you should remove your computer from the list of linked Signal devices and not put it back until it has been cleaned of malware.
This article is published under the CC BY 4.0 license, except for quotes and images where another photographer is indicated, from Nikka Systems.