this post was submitted on 03 Nov 2023
51 points (90.5% liked)
Privacy
31837 readers
116 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
None of the screenshots had self destruct timers, so I'm not sure how they were using signal... kinda looks like signal desktop
more of the screenshots arnt cropped, they do have disappearing message timers, but they are using signal desktop, which doesn't do local encryption. So those disappearing messages are still on disk floating around...
(Signal desktop AFAIK has a terrible security posture, not secure at all)
Signal desktop doesn't even have a PIN to unlock it. IIRC the reason was that if someone is already on your machine then you're screwed.
I just want it to stop someone like my son, who may have access to my computer legitimately, from seeing some of the NSFW messages me and my friends send each other.
Just make a separate user acct for the kid. That way your stuff is separate and you can also implement parental controls if needed.
Yeah, we have separate profiles, but sometimes I just let him use some software on mine, like a game, or whatever, and then I go and do something else. The use-case is there, along with encrypted messages, but people say things like what you said because they don't personally have that use-case.
I'd look at implementing it myself, but they wouldn't merge it, and I'm not going to maintain a fork indefinitely.
For your use case, running a VM on your desktop should be sufficient. The VM could have disc encryption. So when you're letting somebody else use your terminal, they can't access your interesting messages.
Hyper-V has this built in I believe, QEMU does it as well, UTM on Mac OS makes it pretty easy. But there's a thousand different ways to skin this cat
Most sensible way in my opinion would be for the Signal app to have a PIN and encryption on desktop, just like it already does on the mobile apps.
I agree, but Signal on mobile doesn't require destruct timers either.
Is there a way to clear messages from the disk other than by deleting the Signal Desktop app itself or is that sufficient?
Not really. Once data is written to disk it's more or less there forever. At least from a risk perspective.
If your disc is encrypted, you can change the disc encryption key, throw away the old key, then it doesn't matter that the data is there you no longer have the key so the date is lost.
Most people use full disc encryption, and they're unlikely to want to throw away all of their data just for signal.
Unless you're using a container to run signal, or a virtual machine, or qubes : with disc encryption, then anything signal writes to the hard disk is more or less there forever from a risk perspective.