I heard that it consider insecure by GrapheneOS and Secureblue across the forum. Does this mean it should be avoided?
Thanks.
I think last thing I heard the security vulnerability with signalâs desktop app got fixed. But I could be wrong. They also made it so that the app autoblocks screenshots if youâre worried about Windows 11âs Recall feature.
1 Like
I certainly hope itâs safe to use. I use it every day because I hate hate hate hate hate hate typing on a phone.
2 Likes
I feel like the care they put on programming the Signal Desktop App is not at par with their mobile Apps.
It should be acceptable enough to use in most use cases. What keeps me from using it is that there is no official flatpak support and I donât want to recompile on Fedora each time it updates because of the .deb release. I also do not want to learn how to automate compiling because IIRC the builds are currently not reproducible.
1 Like
Ultimately it boils down to the security of the host.
What GrapheneOS would be referring to is there is tighter control on Android platform in terms of sandboxing, preventing screenshots etc. I doubt there is much risk as far as remote security goes.
If you trust the desktop your using Signal Desktop from then itâs probably fine. Also make sure you have filesystem encryption of some kind. The Linux version I donât think encrypts the signal database.
3 Likes
No protection of keys, much worse exploit mitigations, Electron app and no meaningful sandboxing. So the protection of Signal (and your host) on Linux compared to on GrapheneOS is much different. For some people this is an acceptable risk, for others it isnât. If someone wanted to target you, it would definitely be much easier on desktop.
2 Likes
I thought this was resolved?
1 Like
My understanding is that the issue with Signal desktop was resolved. Iâll admit that I use it every day, and have been using it for a long time. I know a lot of people for whom having a desktop version is a must for a messaging app, because they prefer to type on a computer keyboard.
4 Likes
AFAIK, most of the issues/vulnerabilities are due to the electron framework rather than the signal app itself.
2 Likes
Electron also breaks Content-Security-Policy and other things. Signal being an Electron app without Trusted Types turns it into a huge mess of XSS vulnerabilities. It was way less bad when it was still a Chrome app and moving to Electron to keep it alive with the end of Chrome apps while not turning it into a web app (due to E2EE) was a massive security regression for them.
You can read more about the Signal desktop app and Electron in general here
Sorry, I should have made my statement clearer. I didnât mean this specific issue, but rather the general lack of secure key stores on Linux, embedded into a proper security model, like they exist on Android. Thatâs not Signalâs fault, but it is something to consider.
3 Likes
Does anyone know if this is correct? That seems amazingly insecure.
It doesnât really matter too much because you should be using LUKS anyway.
2 Likes
There is now an offical app image of Signal for desktop (currently in beta).
Would you advise using this over the unofficial flatpak in non debian systems?
3 Likes
It is usually better to use the official source, especially considering it should get faster updates. That said, I remember hearing that Electron AppImages still depend on the unmaintained FUSE2 binary.
If you donât want to blindly trust the unofficial Signal Flatpak, I recommend (for any Flatpak, not just Signal) reading through the manifest YAML. You can acces it by visiting Flathub.org > Search âsome app nameâ (eg. Signal) > Scroll to the bottom of the page and click the âLinksâ tab > Click âManifestâ to navigate to the Github repo for âsome app nameâ > Under âFilesâ, click the file starts with the app ID (eg. org.signal.Signal) that ends in .yaml or .yml to view the manifest. Under the section âsourcesâ you will find the files and libraries that are used as part of the build process, and under âbuild-commandsâ you can read what commands are run to set up the Flatpak.
The Signal Flatpak repo is here, this is the manifest. Note that when using the Signal Flatpak, config override to use the âPassword Storeâ for your specific distro if you arenât using full-disk encryption. The repo contains the information you need to set that up.
I personally use the Signal Flatpak because I can harden its permissions and I hate AppImages (they run unsandboxed). The Signal Flatpak only needs Wayland, DRI, PulseAudio, and device=all if you use a Webcam, though it is best to avoid the last one for security reasons. If I was on a supported distro, I would consider using Signal .deb with Bubblejail.
1 Like
Iâm new to Linux/Fedora. What is best way to harden these permissions?
You can use Flatseal.
1 Like
Why did they not decide on Flatpak? Does anyone know?
Edit:
Found the supposed reason:
Signal Desktop for non-APT Linux distributions - #60 by makiro - Desktop Feature Requests - Signal Community âŠď¸
Beta test the Signal Desktop Linux AppImage đ§ - #18 by shellSignal - Call for Testing - Signal Community âŠď¸
Beta test the Signal Desktop Linux AppImage đ§ - #46 by ewaldmire - Call for Testing - Signal Community âŠď¸