signalapp / libsignal

Home to the Signal Protocol as well as other cryptographic primitives which make Signal possible.
GNU Affero General Public License v3.0
3.63k stars 420 forks source link

Airlines can block the transfer of images via Signal #483

Closed PaddyMac closed 2 years ago

PaddyMac commented 2 years ago

This is probably a theoretical security issue at this point, but I think it is something that serious security developers should think about and develop a way to circumvent. I was listening to a recent episode of Security Now. It may have been episode 884 or 883. In any case, a listener wrote in saying that they tried to transmit an image via Signal while using the wifi supplied by an airplane. But the airplane's wifi blocked image transfers even via Signal. The host of the show proposed an explanation which pretty much mirrored my own sentiment. In all likelihood, the airline was able to block the transmission of images even via Signal's encrypted messaging because it had a detection scheme in place which assumed messages over a certain size were likely images rather than text. I propose that Signal should implement a covert file transfer protocol whether for the transmission of images, documents, or other large files. While this may be impossible to implement via standard SMS, perhaps Signal could implement a standard for transferring large files in such a way that they are broken up into small pieces transmitted at random intervals which would appear to be standard text messages to anyone sniffing traffic.

brxken128 commented 2 years ago

I don't think this is the right place to bring up a proposal such as this.

Anyway, it does seem rather theoretical. Is there any proof backing this? Sure, it's possible to block uploads above n size, but it's mostly likely due to bandwidth constraints rather than something malicious. It's an airplane after all.

I don't dislike the idea of a fragmented file upload, although it's probably not practical for 99.9% of cases. It would need to be extremely slow, otherwise these filters can just check upload bandwidth over a period of time, and deduce that it's not text being uploaded.

I'm not too sure how many uses this would have in the real world, but I can't imagine it being a lot.

jrose-signal commented 2 years ago

Yeah, libsignal provides the underlying cryptographic support for the Signal apps on various platforms; these issues are for the library in particular rather than features for the app. You can submit your feature request to our Support team, or bring it up on the unofficial community forums.