My friend and I were discussing cell phone security and he said that if someone backdoored your phone that they could read all your signal messages. Is this true? I would think that the only way to view signal messages is to literally open up the app and view them.

  • @Lynda@lemmy.ml
    link
    fedilink
    102 years ago

    If a device is compromised, the adversary can do whatever they want: screenshots, keyloggers, fork Signal and install their own client.

  • @Nyaa@lemmy.ml
    link
    fedilink
    92 years ago

    If your phone is compromised, anything that you can see they can see as well. Absolutely nothing can protect against that because the only way would be to prevent even yourself from seeing it.

    Potentially a really good sandbox and strict permissions could help, but if someone were to backdoor your phone chances are they can get around most software based solutions anyway.

  • @molly@lemmy.ml
    link
    fedilink
    -12 years ago

    Try molly – hardened fork of signal. With encrypted keys as soon as you lock it after using the app it shreds itself from ram.

        • @pinknoise@lemmy.ml
          link
          fedilink
          42 years ago

          But you can view the messages on your phone, so they are decrypted at some point. Then an attacker can steal the key and read them whenever they want. Or they just take screenshots when you use the app if they are lazy.

          • @cber_quaternion@lemmy.ml
            link
            fedilink
            12 years ago

            Molly has a feature, which prevents screenshots. Also everywhere you are in danger of password stealing, bruteforce attacks, etc.

            • @pinknoise@lemmy.ml
              link
              fedilink
              02 years ago

              Molly has a feature, which prevents screenshots.

              Again, if you can see it on the screen it’s possible to steal it. (How easy it is depends on the driver)

              Molly (or any app) won’t help you if your phone is compromised, unless you set a pin to lock your messages and never unlock it after being compromised. (which is unlikely)