Signal Desktop stores all received attachments unencrypted on filesystem

[sneak]

• I have searched open and closed issues for duplicates
• I am using Signal-Desktop as provided by the Signal team, not a 3rd-party package.

Bug Description

All received attachments are accessible unencrypted at ~/Library/Application Support/Signal/attachments.noindex/.

Steps to Reproduce

1. receive attachment
2. there is no step 2

Actual Result:

Attachment is stored unencrypted in the filesystem.

Expected Result:

Attachment data is encrypted at rest.

Screenshots

nostromo:~/Library/Application Support/Signal/attachments.noindex/ff$ file *
ff00bba026f466b5455947d9de41c686efdbbfa1e0bc9b15a450912d36b06c34: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 710x1536, components 3
ff01b1d13f4d1a056601ba7052e74a50fc05b4fb869dd000525c8ac18a7d1c62: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff05ba24030bd4daf18bea7ce36744668c7e92683df73d71f7cf687084e95889: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff0b4d86f32d13c5b9e856f37885e7c136d48c0350e4e7dbf60c25bd10627636: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x710, components 3
ff0f427d3ba5538a6a105c213d91bd01185013aafca74b3b44b0b1351055f27a: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1152, components 3
ff0fcec5b6998afe27e180df132ce3afc24d2ccfdbc5af8195ad8d173f303153: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 1024x1024, components 3
ff14aef7ab949cf5c9e7bdc7a09c8ef2ebf88ad3b17dae419dd57ede348a6952: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
ff1c3ee56642b57b369c41e7bb5386b497f2969a0df3bf6410a68f3dabf8ef8b: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff26985d665e73a409298fe2bc910444777c9fbe8513a297c2b2dcbd0997b3d4: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 498x1080, components 3
ff29adcf554f9cba24cccdfe9f4019eae6c6be05036be8411bf5f4c64584603c: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff2ec37008bcc06405f9bef3de9c98cb9e5252569882f8fd8fe0a7b71ccd0a9f: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff321be634d55891f50967baebe6d21ce1546a283c27a66ed19660c876580e67: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff33347ab7d98e0b69c2539cbf7218d8f5947dc9d735ba71e880857bfe0c063f: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1152, components 3
ff36b0eb7c0c32993b117e03b1bf7795a95cd119f60936e7e73938aa60a84fa1: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff397453f0ed2b3e6d011c775c4d19eeb07ecf157e0843219956484d2727ede6: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1745x1920, components 3
ff4090365641dbd733935fac2f790df7bf776c530f2d580901a4a3fd742b4805: PNG image data, 1242 x 2688, 16-bit/color RGBA, non-interlaced
ff59d9c73561f3085ff8d2b4e5a4d9fdc6cd2c7fcb6144b5260c239d9722b946: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3
ff5b6049cbbea41a8ad22bd5336be02f54904cdf60899d1b66d26dbeca7d7783: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff624903ad7993c70ae3f458274d1dbfc1a1b7fad9a64f1aacb1c1fbb3e04d4e: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x1152, components 3
ff627dd4685d45e67d9f98ff7b2df602ca0c241e5591d04d80a1fdce93c5890b: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 710x1536, components 3
ff64267084df08945de4e7f829ded2f0736a70e28cc46d2a45b62453ecb98335: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 709x1536, components 3
ff64b577233df60c686599f117ca5b28d585fc6120bad8f9cfd52e3fb6cbd296: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1152x1536, components 3
ff665fd24df3ac485de2e18fb90b458fdf03726445fb1cc3eaa31d5a644b7a27: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff674f87b078fe141191e22c6820eb608920d1cc2eb550c2bfd57afb6715be10: PNG image data, 640 x 360, 8-bit/color RGBA, non-interlaced
ff6b2d57c4764d6f33e9543a0db737847f5bc9563dad7ace426e40ca60b6427d: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3
ff70ebe18ebe41c5e8fe239d10de864752214e9bf8b675902a36bc435db36780: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ff7fea6a589bb678a380ffdedc5cc9667ce880b4b8e9e37cf18daa2dedd1bacb: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x710, components 3
ff82d5ea9d7d20bf8b601277e6113acbc16e8e18f6e6a3c1c4d1487b1f2c5044: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x869, components 3
ff981c07ec44465b6025050a296450594fb2141d107b9f48d00b3ad4a77d9ee1: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x956, components 3
ff9d3dd3b7d38ad13c952812fb9f1947ad780a490eeb9d8f6dcc8c298092936f: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffa06d8422663e4d623a4384fa5748a8064a0401d7309a0ef344d577e430e0a1: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3520x1628, components 3
ffa6aed61255ff6658da216461d3c66d047927d40b45fca59bf16695369f5f85: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffb5f08627ff9eb0bc6a3467ceb05b4dcc83dd357946e84e2576e7b986e4f1e4: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 318x318, components 3
ffba09837ad7550b1d91adb6f87efa16e8fd1e5d254db90d4eca79b28357b086: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x640, components 3
ffbdc9191f97d5afd263e41a57c914f26751f87ac6cdce898507585d51a17d07: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffc21c7de5022458c1ac7d89a23174abb6b02d94a17c52680ab557e8a6886c27: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x574, components 3
ffc624c5c2ff114b931ec686051148d65c385114ea0cd3c6de8e5cc057fde50d: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1536x710, components 3
ffc7d1b4358046bfc11cb879f479a92691137ec4e33b6cb772d47a0d5266ef81: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffc950e5efb4a0f6d786b7c13bceec4fc1a20b50e0516163435078fe86bb5e2f: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffc9f199d96ad02c02b0ed812bcb164dde7818f250a580cb62082320c29a1b21: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1365x2048, components 3
ffd1cf9f51c77a689e36d663f6153d3b0f3571d0f5ffaa87c1d8046041806ff9: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1152x1536, components 3
ffd5939d88d015e788efc6755989a7b846871fc66fd7f9c68d8b2f07a15e4b52: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffd67811bf6e0e0fa78c6b81ec1e05a57935f0831050b23f8e9b05ae638da20c: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1242x1205, components 3
ffda440ac5bc39b865db91e7e0c72e2bdb57d43ffd029fa515b08f5b86f8ec9a: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
ffdd00d0ebb2a51b09cdaf6e75166f8cbba816b375966b289a509565b89cc33a: PNG image data, 638 x 547, 8-bit/color RGBA, non-interlaced
ffe0514e173495c17f79e9a4ee6e722dc24b97f97dc10cf19a3345a4a39930f8: ISO Media, MP4 v2 [ISO 14496-14]
ffe3fa4da319403ad9c6d66e282edf3b71dc4b5c2182bbe1d0d633e083541d71: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
fff32cebbff1e34b2f301e30b3eb6e9913d5d5694a8f5c385ed643e3478c7f86: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1152x1536, components 3
fff4ad93328a44cf5d44af410307e4f3034fd0763fa6130c12b5be3e95516b1d: PNG image data, 768 x 480, 8-bit/color RGB, non-interlaced

Platform Info

Signal Version:

5.28.0 (intel)

Operating System:

macOS

Linked Device Version:

5.26.9.2

[sneak]

There are platform-specific methods of securely storing key material (e.g. macOS keychain, gnome-keyring) where symmetric encryption keys could be stored for protecting files on disk, to avoid the issue of storing key material on the filesystem adjacent to the files the key protects (which would be pointless).

[sneak]

Related to #5703 but not quite identical.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[stale]

This issue has been closed due to inactivity.

[sneak]

Closing still-relevant issues because of inactivity (on the part of the developers to whom they have been reported!) is bad form. It tells your users that they should stop donating time and effort to report issues if you're just going to ignore and autoclose them.

This is still an active issue, and now it's closed. Telling me to FOAD would have been simpler.

[dsernst]

Agree this should be reopened ! Even if it's not a short term priority, this seems like a worthy security goal.

Seems like it could also be a Good First Issue for other contributors to PR

[iaxat]

This would be a good feature to have, since we cannot assume security from OS in general. Considering data collection and the so much hacking going on with the OS recently.

[iaxat]

This should be a signal feature for every platform and not just Desktop. If data can be accessed so easy on other platforms as well.

[clemlesne]

Should’ve treated as a high security issue, any local script with user privileges can access all attachements from all conversations!

[clemlesne]

Note, this is reported as CVE: https://www.cve.org/CVERecord?id=CVE-2023-24069. But it seems not well defined as it is marked "non scriptable" and fixed in v6.2.0.

[DarkJoker360]

This issue is way worse than expected! As some developers and security researches found out not only Signal Desktop is storing unencrypted images but also the encryption keys are stored plain text into a JSON file. These researched were able to clone their current Signal Desktop session to a VM with a simple python script they coded that probably just copy the entire Signal Desktop folder into another machine. The result is that a new session is added to the account without any notification or user warning. This is a huge security flaw and it must be addressed quickly, as of now I suggest to delete the entire Signal Desktop data from your machines, disconnect your account and wait for a fix. I will link down below all the references, thanks to everyone involved to these researches.
Considering this situation is present since many years, is this on purpose? It is intended to have desktop sessions at the cost of privacy, security and encryption?

https://x.com/mysk_co/status/1809287118235070662
https://x.com/mysk_co/status/1809184570769650131
https://www.bleepingcomputer.com/news/security/signal-desktop-leaves-message-decryption-key-in-plain-sight/

[iaxat]

This is scary bug, especially after the Apple M series chip bug has been known to expose the encrytion keys.
https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/

[gitown]

This is a scary issue and it's been here since 2022!!!
I thought security is one of the top priorities of Signal!

[indutny-signal]

We have implemented support for a new attachment storage system here: 28664a6

Every attachment is encrypted with a unique per-attachment key that is locally stored in an encrypted SQLCipher database. The local database encryption key is also protected by the Electron safeStorage API which utilizes the system keystore provided by your operating system to restrict access and securely store the database encryption key on supported platforms. Existing attachments will be automatically migrated to the new storage system too.

These updates will require a lot of testing before they start rolling out to more users. If you want to help us with the testing process now by compiling or running a pre-beta version of Signal Desktop, please use a test device in order to avoid any data loss throughout the process.

We hope to have everything ready for a beta release in the next few weeks. You can find out how to join the Signal Desktop beta here. Thanks for your support!