Closed wesinator closed 6 years ago
This disables the autocorrect feature, doesn't it? Should be optional then, if it's even included at all.
I think it most certainly should be included. Gboard is essentially a key logger, and with that information leaking and going straight to Google, what's the point of using secure e2e messaging if everything you type is being leaked elsewhere without the same level of security your message was sent / stored with? But making it optional seems like a good plan. It is basically the same as the anti-screenshot feature: it prevents other apps and such from hooking into potentially dangerous API calls from the system, like reading / recording the screen, or keystroke recording / logging.
The incognito flag is only set when you are typing in a ComposeText, in other places within the application, such as the search bar on the main conversation screen, the flag will not be set.
I think the preference should be read and respected at every point within the application where the keyboard is used. As the preference is currently phrased within the app, it is not clear to users that incognito mode is only used in some places which could cause a user to leak information to their keyboard that they were not expecting to. I could see a user sending a message (in incognito), and then later searching for that message (not in incognito) which would result in a leak to the ~keylogger~ keyboard.
Granted, IME authors can always ignore/disrespect this flag, but I think that Signal should at least be consistent in setting it.
I'd be happy to work on generalizing this preference across all the app's EditTexts.
@bitmold Can you tell us to what extent this is still an issue? I don't think I'll be able to help out personally, but I would certainly be willing to organize bounty money.
> @bitmold Can you tell us to what extent this is still an issue? I don't think I'll be able to help out personally, but I would certainly be willing to organize bounty money.

It's not, there is an option in the settings.
@Le1b1 I am sorry, but your comment is not very helpful. Have you actually read the comment by @bitmold?
It says that (at least back in March 2018) the IME settings were not applied to all keyboards throughout the app.
It has to be verified whether this is a security issue. It doesn't matter whether there is a UI element in the options screen from a security perspective. You have to analyze the whole code systematically, looking for all keyboard input scenarios and verifying that the keyboard used therein actually adheres to said switch-button in the options.
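One way to start the systematic check described above, as an added example that is not part of the thread or of Signal's code: inventory every text-input widget in a layout and report whether it requests `flagNoPersonalizedLearning` in `android:imeOptions`. The sample layout, the `com.example` class path and the name-suffix heuristic are assumptions; a field reported as missing may still get the flag at runtime in code, so the output is a list of fields to verify, not a verdict.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
FLAG = "flagNoPersonalizedLearning"  # imeOptions value for the incognito request

# Constructed sample layout (not from Signal): one field with the flag, two without.
SAMPLE_LAYOUT = """<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android">
    <com.example.ComposeText
        android:id="@+id/compose"
        android:imeOptions="actionSend|flagNoPersonalizedLearning" />
    <EditText
        android:id="@+id/search"
        android:imeOptions="actionSearch" />
    <FrameLayout>
        <AutoCompleteTextView android:id="@+id/recipient" />
    </FrameLayout>
    <TextView android:id="@+id/title" />
</LinearLayout>
"""

# Heuristic (assumption): a widget whose class name ends with one of these
# suffixes accepts keyboard input. Extend it for the app's custom views.
INPUT_SUFFIXES = ("EditText", "AutoCompleteTextView", "ComposeText")


def is_text_input(tag):
    """True if the element's simple class name looks like a text-input widget."""
    return tag.rsplit(".", 1)[-1].endswith(INPUT_SUFFIXES)


def audit_layout(xml_text):
    """Return [(widget id, has_flag)] for every text-input widget, in document order."""
    results = []
    for elem in ET.fromstring(xml_text).iter():
        if not is_text_input(elem.tag):
            continue
        options = elem.get(f"{{{ANDROID_NS}}}imeOptions", "").split("|")
        widget_id = elem.get(f"{{{ANDROID_NS}}}id", "<no id>")
        results.append((widget_id, FLAG in options))
    return results


def missing_flag(xml_text):
    """Ids of input widgets whose layout does not request incognito mode."""
    return [wid for wid, ok in audit_layout(xml_text) if not ok]


if __name__ == "__main__":
    for wid, ok in audit_layout(SAMPLE_LAYOUT):
        print(f"{wid:20} {'flag set' if ok else 'CHECK: flag not set in layout'}")
```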
@valioDOTch
> verifying that the keyboard used therein actually adheres to said switch-button in the options.
Have been learning about this during the past few days, and have understood that 3rd party keyboards can just ignore the request, if they are spyware for example.
I realize that this is a different topic than what you described, though, it seems you mean bugs in Signal itself which would not even apply the flag from that side. Didn't look into that. I can try if you think there are issues.
Anyway this open pull request about that other issue is related: https://github.com/signalapp/Signal-Android/pull/10729
It proposes to change the settings info text to:
<string name="preferences__request_keyboard_to_disable_personalized_learning">Request that the keyboard disable personalized learning. The keyboard does not have to respect this setting and may send data to a third party.</string>
I'm now trying to figure out whether Android could fix this on the OS level, for example by enforcing that the keyboard can not do any networking. Not a quick fix for sure, but for the long run. Also plan to check whether iOS already does that, saw it mentioned that it would. Just doing this as a hobby, volunteering to help a bit on free time.
I have:
Bug description
The new keyboard "incognito" mode API should be used so that keyboards such as Gboard do not collect input data from messages typed in Signal.
Steps to reproduce
Actual result: Keyboard does not use "incognito" mode
Expected result: Keyboard should be loaded with personalization disabled.
Device info
Device: Samsung Galaxy
Android version: 6.0.1
Signal version: 4.9.9