Closed ReK42 closed 10 years ago
mcginty
commented
10 years ago Unless I'm misunderstanding, Android versions Honeycomb or higher have the FLAG_SECURE on conversation and conversation list activities, making them protected from screenshots and thumbnails (in normal non-rooted situations). Is this not the case for you?
ReK42
commented
10 years ago You're correct. What I saw was a thumbnail of my identity fingerprint. Testing on my 4.3 rooted (but stock) it does mask both conversations and the list of conversations.
I apologize.
mcginty
commented
10 years ago No worries, was a legit concern.
ReK42
commented
10 years ago Actually, I just checked and, if the app is left while open on a contact verification screen, the thumbnail includes your contact's fingerprint in it's entirety and is easily readable. This could be a bad leak under some threat models. Is it possible to flag those activities as secure as well or is it handled by the android system?
Android's multitasking features include a most recently used list of apps and thumbnail screenshots of their last state. This is a potential information leak. An assailant who has gained access to the user's device but does not know the password used for unlocking the TextSecure app and decrypting its local storage may still be able to gain access to secure information by looking at the thumbnail MRU and any cached copies which may still exist on or be recovered from the device's memory and filesystems.
If possible it would be best to prevent these thumbnails from containing information in the first place by having the app feed the system a static image such as solid black or black with a logo.