Hacker News new | ask | show | jobs
by redprince 707 days ago
What is the threat model here?

When the device is stolen or lost it better protects data at rest with full disk encryption.

When the account operating Signal or the machine as a whole was taken over, the attacker can observe everything the user does and can do everything the user is entitled to do. When the data is accessible to the user, it will be accessible to the attacker and there's nothing anyone can do about it.
1 comments
EPWN3D 707 days ago
If a user is tricked into running malware, that malware can apparently get to these keys. Whereas on macOS, if they were stored in the keychain, that would have been impossible.
link
ghusto 707 days ago
This isn’t true. You have full access to the Keychain without any authentication via the CLI. Try it.
link
redprince 707 days ago
I have very little experience with the threat model associated with the macOS keychain and how its promises are enforced. A cursory look into its features reveals an export/import function for elements (except passwords) secured in the keychain. An attacker could just export the keys then.

The next question would be, if the keychain just hands out the keys to the application to be used? How would it ever identity a program as being eligible to receive a certain key? An attacker could just ask the keychain for the key.

A user is commonly able to read the process memory of any process running under his account. An attacker could extract the keys from process memory. And so on and so forth.

So you are very likely again where you were before: An attacker being able to execute code in the context of a user can steal his data. The only thing that varies is how much work it is.

In theory Apple may have exposed a security processor akin to a smart card with which Signal could generate public/private key pairs where the private key resides in the hardware and cannot be extracted. It does not appear the MacOS key chain works that way.

link
pseudo0 707 days ago
It uses ACLs and access groups. So a malicious app should not be able to access keychain items for other apps. Sure, it might be possible to get the key out of process memory, but that raises the bar significantly for an attacker. Most infostealer malware is pretty basic, and just looks for files A, B, C, etc.

https://developer.apple.com/documentation/security/keychain_...

link
ghusto 707 days ago
The CLI gives you full access to the Keychain with no authentication. Try it.
link
123yawaworht456 707 days ago
>If a user is tricked into running malware

...then it's over.

link