undefined | Better HN

0 pointsTheAceOfHearts5y ago0 comments

The problem is that there's no one size fits all solution. Security is all about making tradeoffs based on your threat models.

I think this is probably a sensible default for many people engaging in casual conversations.

However, this notification should probably be configurable. That way you can be notified when communicating with high risk individuals.

0 comments

1 comments · 1 top-level

geofft5y ago

What threat model would it protect against?

The thing this proposed change would protect against is, if an attacker gets access to a participant's unlocked phone, and then transfers their Signal account, it will notify the other participants.

But an attacker can just as easily retain access to the original phone and send and receive messages with it - either physically, or by installing malware (a RAT or something) and remotely accessing the phone.

And when you move devices, because of the way the Signal ratchet works (I think), the original device doesn't get access to send or receive messages. So a device move is detectable if the original phone is returned.

j / k navigate · click thread line to collapse