Wrong ringtone when TS is locked

[ghost]

I noticed that when TS is locked all the notifications use the same ringtone. Is this intentional? It's making me miss some messages. I'm running Android 4.1.2 and TS 2.20

[johanw666]

When TS is locked, it can't look into the database to see if there are recipient preferences for ringtones.

[ghost]

Yes, that pretty much makes the assigned ringtones useless.. since my ts locks itself all the time when i use other apps..

[ghost]

The way it tells the sender even if it's locked, it should also play the right ringtone

[johanw666]

It should not - when I consider certain recipients special forensics should not be able to find that out by studying the encrypted database.

[ghost]

It makes no sense to have custom ringtones unless they work 100% of the time. If even just once a day a ringtone is played instead of another one, then every time a sound is played it isn't safe to assume it is the expected sender. So you always need to check your phone anyway...

[generalmanager]

@johanw666 While I'm an avid advocate for privacy and security (as you can see going through the tickets mentioned in https://github.com/WhisperSystems/TextSecure/issues/782) I don't think leaking customized ringtones to forensic investigators doesn't pose a significant threat. It's actually the other way around. Users always make software work the way they want if it's possible and they are motivated enough. If they don't work when locked, they will just disable encryption alltogether. This does have a significant impact on privacy/security, because it leaks all conversations and their contents.

The information which can be gained via custom ringtones is mostly about the importance of certain contacts to one or ones opinion about them. This information is either public by default or can be easily gained in official and unofficial investigations. That you have contact with someone is already leaked via the official contacts. Thus the answer to your request is to encrypt your phone with the standard android method. What stays is the possibility of someone hearing a ringtone while the phone is locked and a message is beeing received. But TS doesn't show the name/number of a contact if the lockscreen is active. Thus only the information that some contact(s) ha(s/ve) a special ringtone is leaked.

[johanw666]

Hmmm, I seem to be mistaken about this information being encrypted in storage. I looked at the TS database with aSQLiteManager and could read the information in table recipient_preferences without any problems, only the message contents were encrypted. In that case I agree this is a bug.

[Owen66]

Think I'll have a look at this. See if I can fix it.

[defunctio]

Tested this against 3.16.0, it appears this bug was resolved at some point. Requesting to close the issue.

[riyapenn]

Closing as it appears to be resolved and no updates to the issue in a year prior to this.