search

mollyim / mollyim-android

Enhanced and security-focused fork of Signal.
GNU Affero General Public License v3.0
1.37k stars 77 forks source link

Attack surface reduction (link previews, webrtc, stickers) #272

Closed Striker789 closed 5 months ago

Striker789 commented 5 months ago

Is there an existing request for this?

Feature description

I would like to start off by thanking the developers for the great work.

Molly currently provides on device security that the original signal application does not offer. However, there are issues that arise in regard to the need to reduce attack surface.

Stickers are in webp formats and are automatically download, hence if a sufficient exploit chain is found that has the ability to exploit the android media library then the device can be exploited. A simple fix for this would be the that the app be prevented from automatically downloading stickers. Exploit chains like this have been found in Pegasus exploits on IOS that utilised GIFs to deliver zero click exploits. All that is required is for that

In regard to link previews a single toggle should also be available like what should be done with stickers that prevents contacts from sending link previews in order to reduce attack surface.

Finally, webrtc is a massive attack vector that has been exploited in the past and multiple vulnerabilities have been found by the Google zero day project team. Another workaround to this is to have a designated list for contacts that are allowed to initiate a webrtc connection with the Molly user.

It would be great for molly's developers to further harden the application by reducing attack surfaces for remote exploits by APTs!

Thank you!

matchboxbananasynergy commented 5 months ago

https://github.com/mollyim/mollyim-android/issues/141 and https://github.com/mollyim/mollyim-android/issues/140 should cover this request.

Is there something that you think is covered here that isn't covered there?

Striker789 commented 5 months ago

141 and #140 should cover this request.

Is there something that you think is covered here that isn't covered there?

It appears as though some of the issues I had mentioned have been brought up. However, there haven't been any steps taken within this regard for more than a year. The feature requests are more than 'features' they massively reduce the risk of remote exploitation and are as important as at rest encryption provided by Molly.

matchboxbananasynergy commented 5 months ago

Something not being implemented yet doesn't mean it requires another open issue. If you feel like this issue covers something not covered by the existing issues and should exist alongside them, please let us know what those are and I'll be happy to re-open it.