signalapp / Signal-Desktop

A private messenger for Windows, macOS, and Linux.
https://signal.org/download
GNU Affero General Public License v3.0

[Security Hazard] Phone number exposure #7031

Closed IUseNixOSBTW closed 1 month ago

IUseNixOSBTW commented 2 months ago

Using a supported version?

Overall summary

Phone number is visible even if find by phone number is disabled.

Steps to reproduce

  1. Open the settings.
  2. Open your eyes.

Expected result

There is no reason for the phone number to be visible in the desktop application, especially when the user has find by phone number disabled.

Actual result

The phone number is visible.

Screenshots

No response

Signal version

The newest one

Operating system

All of them

Version of Signal on your phone

No response

Link to debug log

No response

scottnonnenberg-signal commented 1 month ago

Thanks for the feedback. Signal isn't doing anything unconventional or insecure by displaying account-related information in the Settings window of the application. It's important to have an easy way to reference which account and device name Signal Desktop is using. For example, someone may want to ensure that they're removing the correct linked device from their phone after verifying that info in the Signal Desktop interface. The Settings window is the standard place that people turn to for this type of information.

Displaying relevant account info in the Settings window is a common practice across most applications. For example, people can quickly see the associated phone number in their iMessage or Google Messages settings, or view which email addresses are currently configured within the settings of their chosen email app.

Most people would consider the basic account and linked device information that appears when you optionally open the Settings window in Signal Desktop to be far less sensitive than the contents of the messages and calls that they are sending and receiving. If you are in a hostile environment where someone is actively looking over your shoulder or otherwise monitoring your activity, we'd encourage you to avoid using Signal Desktop until it's safe to do so.

We use GitHub to track bugs, not feature requests, and the Settings window is currently working as designed. We closely follow feedback from the community forums if you want to continue discussing this issue or share additional ideas and other non-bug-related suggestions. Thanks again!