It is also digitally signed so its integrity can easily be verified. The app/desktop client has to be downloaded once. If its the latter, then you had best follow Signal and stick to using desktop clients and apps which can be signed and their integrity verified.Īs evident from the comments some people are confused about why these issues don't apply to the app and desktop client. (Update: WhatsApp has also acknowledged this issue by releasing a Code Verify extension for security conscious users.) This is closer to the use-case of WhatsApp and WhatsApp does have a web client. If its the former, then having a web client will not be a very big issue. Will those people just be using it for chatting with friends or communicating with colleagues? Or will it be used by whistle blowers trying to coordinate the disclosure of classified information with journalists? You will have to consider whether the risk outweighs the benefits and decide for yourself whether or not to ship a web client. This depends on your threat-model (or rather the threat-model of the intended audience of your chat service). This significantly reduces the chances of the modifications being detected and exposed.Īctually we want to develop some chat service like signal with web-client, but this article made us confuse about should we ship a web-client or not, can anybody please explain it? The server can ensure that only a specific user/client is served the modified malicious code. This threat is amplified by the fact that such malicious modification of the code served can be done in a targeted manner. This effectively defeats the point of end-to-end encryption, which is that nobody other than the sender and the recipient should be able to read the contents of the communication, since the server now has the power to compromise the communications at will. This means that if the server is compromised or goes rogue (which can easily be achieved by a government serving Signal a subpoena or the like), then it can easily modify the javascript files served to the client in a way that allows them to intercept the communications. However, the larger problem here is that the SSL connection, as well as the content being served, is controlled by the Signal server. However, in such a case, the employer owns the machine and would probably just install a keylogger on it, so you would have bigger problems. Well, if a (possibly state-level) attacker controls/compromises a CA, they could issue a fraudulent certificate for the Signal server and attempt to MitM the SSL connection (this threat is limited, but not eliminated, by the use of certificate transparency.) As pointed out, TLS inspection proxies at workplaces are a much more likely form of MiTM and could cause problems if your employer was interested in compromising your private conversation. So who exactly can control the SSL connection? Which means that anyone who can control the SSL connection to the server can now intercept and eavesdrop on your e2ee communications. This effectively reduces the security of your end-to-end encrypted communication to that of your SSL connection to the server The thread doesn't say that the web app will be completely insecure, instead it says This is how Matrix democratises control over communication.īy default, Matrix uses simple HTTPS+JSON APIs as its baseline transport, but also embraces more sophisticated transports such as WebSockets or ultra-low-bandwidth Matrix via CoAP+Noise.Yes HTTPS is used. This means that every server has total self-sovereignty over its users data - and anyone can choose or run their own server and participate in the wider Matrix network. Even if your server goes offline, the conversation can continue uninterrupted elsewhere until it returns. There is no single point of control or failure in a Matrix conversation which spans multiple servers: the act of communication with someone elsewhere in Matrix shares ownership of the conversation equally with them. When you send a message in Matrix, it is replicated over all the servers whose users are participating in a given conversation - similarly to how commits are replicated between Git repositories. Matrix is really a decentralised conversation store rather than a messaging protocol.
0 Comments
Leave a Reply. |