{"id":36024,"date":"2020-07-11T13:53:46","date_gmt":"2020-07-11T13:53:46","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31386\/Signals-New-PIN-Feature-Worries-Cybersecurity-Experts.html"},"modified":"2020-07-11T13:53:46","modified_gmt":"2020-07-11T13:53:46","slug":"signals-new-pin-feature-worries-cybersecurity-experts","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/signals-new-pin-feature-worries-cybersecurity-experts\/","title":{"rendered":"Signal’s New PIN Feature Worries Cybersecurity Experts"},"content":{"rendered":"
<\/div>\n
<\/p>\n

Ever since NSA leaker Edward Snowden said \u201cuse Signal, use Tor,\u201d the end-to-end encrypted chat app has been a favorite of people\u2014including Motherboard<\/a>\u2014who care about privacy and need a chat and calling app that is hard to spy on.<\/p>\n

<\/span><\/p>\n

One of the reasons security experts recommended Signal is because the app’s developers collected\u2014and thus retained\u2014almost no information about its users. This means that, if subpoenaed by law enforcement, Signal would have essentially nothing to turn over. Signal demonstrated this in 2016, when it was subpoenaed by a court in Virginia<\/a>. “We\u2019ve designed the Signal service to minimize the data we retain about Signal users, so the only information we can produce in response to a request like this is the date and time a user registered with Signal and the last date of a user\u2019s connectivity to the Signal service,” Signal wrote at the time.<\/p>\n

<\/span><\/p>\n

But a newly added feature<\/a> that allows users to recover certain data, such as contacts, profile information, settings, and blocked users, has led some high-profile security experts to criticize the app’s developers and threaten to stop using it. Signal will store that data on servers the company owns, protected by a PIN that the app has initially been asking users to add, and then forced<\/a> them to.<\/p>\n

<\/span><\/p>\n

The purpose of using a PIN is, in the near future, to allow Signal users to be identified by a username, as opposed to their phone number, as Signal founder Moxie Marlinspike explained on Twitter<\/a> (as we’ve written before, this is a laudable goal; tying Signal to a phone number<\/a> has its own privacy and security implications).<\/p>\n

<\/span><\/p>\n

\n

\u201dMake the networks dumb and the clients smart.\u201d<\/p>\n<\/blockquote>\n

<\/p>\n

But this also means that unlike in the past, Signal now retains certain user data, something that many cybersecurity and cryptography experts see as too dangerous.<\/p>\n

<\/span><\/p>\n

Matthew Green, a cryptographer and computer science professor at Johns Hopkins University, said<\/a> that this was \u201cthe wrong decision,\u201d and that forcing users to create a PIN and use this feature would force him to stop using the app.<\/p>\n

<\/span><\/p>\n

\u201cThe problem with that is that most people pick weak PIN codes. To harden this and make the system more secure, Signal has a system that uses Intel SGX enclaves on their server,\u201dGreen said in an email to Motherboard, referring to a technology made by Intel<\/a> to encrypt and isolate certain data on a cloud server. \u201cSGX seems like a good choice, but it really can’t stand up against a serious attacker. This means anyone with the right resources (at least as good as, say, Daniel Genkin’s group and U. Mich<\/a>) could potentially compromise those servers and get most of this information.\u201d<\/p>\n

<\/span><\/p>\n

\u201cI don’t care that much about my contact lists, honestly. But I also don’t like the idea that I’m going to be forced into uploading them to a server, when the whole reason I use Signal is because it’s designed not to do things like this. Also, I’m scared that in the future, Moxie will design a feature to upload message content, and that won’t be ‘opt in’ either,” Green said.<\/p>\n

<\/span><\/p>\n

\n

Have you ever tried to hack Signal or look for vulnerabilities in the app? We\u2019d love to hear from you. Using a non-work phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de<\/a>, or email<\/em><\/strong> lorenzofb@vice.com<\/em><\/strong><\/a><\/p>\n<\/blockquote>\n

<\/p>\n

The Grugq, a well-known cybersecurity expert, agreed that this approach isn\u2019t secure, because SGX enclaves are \u201ca sort of wet paper bag for clustering sensitive info.\u201d<\/p>\n

<\/span><\/p>\n

Technical issues aside, it\u2019s the philosophy behind it that bothers people like Green and The Grugq. Before this new feature, Signal claimed\u2014and had proved\u2014to provide a communication app that was designed not to store almost any information about its users.<\/p>\n

<\/span><\/p>\n

“Notably, things we don\u2019t have stored include anything about a user\u2019s contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user\u2019s groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user\u2019s groups), or any records of who a user has been communicating with,” Signal wrote in 2016<\/a>.<\/p>\n

<\/span><\/p>\n

That, according to critics, has now changed.<\/p>\n

<\/span><\/p>\n

\u201cThey should have a dumb network that knows nothing because it can\u2019t be compromised then,\u201d The Grugq told Motherboard. \u201c[Having contacts] is a lot. It isn\u2019t messages, sure. But I don\u2019t like it. I don\u2019t want them to have anything. Make the networks dumb and the clients smart.\u201d<\/p>\n

<\/span><\/p>\n

Marlinspike defended the decision to enable PINs and give users a way to migrate to a new device and keep certain data, and will increase the security of users\u2019 metadata, \u201cnew features Signal users have been asking for.\u201d<\/p>\n

<\/span><\/p>\n

\u201cThe purpose of PINs is to enable upcoming features like communicating without sharing your phone number. When that is released, your Signal contacts won’t be able to live in the address book on your phone anymore, since they may not have phone numbers associated with them,\u201d Marlinspike told Motherboard. \u201cFor most users, this also increases the security of their metadata. Most people’s address book is syncing with Google or Apple, so this change will prevent Google and Apple from having access to your Signal contacts.\u201d<\/p>\n

<\/span><\/p>\n

Following Green\u2019s and others critiques, Marlinspike said on Twitter, and then confirmed with us, that Signal will add the ability to disable PINs \u201cfor some advanced users.\u2019 Marlinspike warned that doing that \u201cwould mean that every time you re-install Signal you will lose all your Signal contacts.\u201d<\/p>\n

<\/span><\/p>\n

In recent weeks, Signal has introduced more features that make it more user friendly to people who may not have extremely paranoid threat models. For example, it\u2019s now possible to migrate all Signal data<\/a>, including message history, from one phone to another, using a feature that does not rely on cloud servers and is also encrypted, according to Signal. This is a different feature than the one that relies on PINs, but both of these are likely aimed at people who may be reluctant to use Signal, and prefer other apps such as WhatsApp.<\/p>\n

<\/span><\/p>\n

The changes Signal has made show how there can be a tension between messenger usability and feature set and security. It’s too early to say whether you should stop using the messenger. For most users’ threat models, it’s still one of the best options. But one of the key things that set Signal apart\u2014that it collects almost no information about its users, appears to be changing.<\/p>\n

<\/span><\/p>\n

Subscribe to our new cybersecurity podcast,<\/em><\/strong> CYBER<\/em><\/strong><\/a>.<\/em><\/strong><\/p>\n

<\/span><\/div>\n

\n