[Feature] responsibly vet text submissions from the client to identify potential monetization infringments in vendor software such as windows 11 operating system dll's from software updates, and products which enhance the environment generally and may spy on glyphs

[jnorthrup]

Is there an existing request for feature?

• [X] I have searched the existing issues

What feature would you like?

per #3103 windows clients leaking text verbatim into alphabet properties ad engine... we see at least one casual system configuration is vulnerable to delivering text sent in one "secure" program, and displays a corresponding algorithm injection of same for monetization on youtube front page.

Anything else?

discuss the SCOPE of security that the devs make claims about and perhaps put a product-wide alert and a bughunt out to narrow down the windows platform infringements of gdpr at a minimum

[jnorthrup]

the simplest test i can think of is to deliver pixels to the client scrollable context painted with graphics 2d (like switching to the java ":swing" UI (like a js canvas) from the even older java AWT toolkit) to avoid the text input and text filed windows peers and the widgets that paint them into a conversation.

testing the efficacy of the compromised components might be harder than simply avoiding the common ones for which most exploits will be written

[KeeJef]

Potential security issues with the native platform Session runs on are outside of our threat model and scope. If we put this in-scope we would be opening ourselves to a potentially unlimited amount of work as we would essentially need to inspect all software on the system to ensure it wasn't accessing Session's data nefariously.

[keybreak]

@KeeJef Problem with Windows / Mac is that you know 100% that it's security vulnerability for both parties of such chat, even if one end of chat is Edward Snowden :laughing:

Both are effectively breaking encryption of anything running on modern spyware OSes, so providing builds for those systems by definition significantly decrease the purpose of Session, because you can never be 100% sure that your chat partner is not running it on some spyware os.

One option would be to alert user of Session that other party of chat is using Win / Mac / iOS or whatever is unsafe (perhaps even give user a choice to what have alerts on), but that would obviously violate some of privacy aspects.

[jnorthrup]

i posit that using the peering widgets on these platforms is less secure than for instance a c++ stdio daemon and cli

On Mon, Jul 1, 2024 at 4:15 AM keybreak @.***> wrote:

@KeeJef https://github.com/KeeJef Problem with Windows / Mac is that you know 100% that it's security vulnerability for both parties of such chat, even if one end of chat is Edward Snowden 😆

Both are effectively breaking encryption of anything running on modern spyware OSes, so providing builds for those systems by definition significantly decrease the purpose of Session, because you can never be 100% sure that your chat partner is not running it on some spyware os.

One option would be to alert user of Session that other party of chat is using Win / Mac / iOS or whatever is unsafe (perhaps even give user a choice to what have alerts on), but that would obviously violate some of privacy aspects.

— Reply to this email directly, view it on GitHub https://github.com/oxen-io/session-desktop/issues/3108#issuecomment-2199521639, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAR6KSVPBM6PTWSGWP6JFLZKEFZ3AVCNFSM6AAAAABIAPCBVWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJZGUZDCNRTHE . You are receiving this because you authored the thread.Message ID: @.***>