Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Message Decryption Key for Signal Desktop application stored in plain text

The reverse engineer researcher Nathaniel Suchy discovered that Signal Desktop application leaves message decryption key in plain text exposing them to an attacker. Signal Desktop application leaves message decryption key in plain text potentially exposing them to an attacker. The issue was discovered by the reverse engineer researcher Nathaniel Suchy The flaw affects the process implemented by the Signal Desktop […]

Signal Desktop key

The reverse engineer researcher Nathaniel Suchy discovered that Signal Desktop application leaves message decryption key in plain text exposing them to an attacker.

Signal Desktop application leaves message decryption key in plain text potentially exposing them to an attacker. The issue was discovered by the reverse engineer researcher Nathaniel Suchy

The flaw affects the process implemented by the Signal Desktop application to encrypt locally stored messages.

Signal Desktop application leverages an encrypted SQLite database called db.sqlite to store the user’s messages. The encryption key for the encrypted database is generated by the application during the installation phase.

The key is stored in plain text to a local file called %AppData%\Signal\config.json on Windows PCs and on a Mac at ~/Library/Application Support/Signal/config.json.

The encryption key is used each time Signal Desktop application accessed the database.

“To illustrate this problem, BleepingComputer installed the Signal Desktop application and sent a few test messages. First we opened our config.json file to retrieve the encryption key, which is shown above.” read a blog post published by Bleeping Computer.

“We then opened the database located at %AppData%\Roaming\Signal\sql\db.sqlite using a program called SQLite Database Browser.”

By entering the key, the experts at Bleeping Computer were able to read the content of the database.

The issue could be easily addressed by requiring users to set a password that would be used to encrypt the key the database encryption key.

“This would be easily mitigated by requiring users to set a password and using that password to encrypt the key” Suchy told Bleeping Computer.

On August 2018, the Italian cybersecurity passionate Leonardo Porpora discovered that it was possible to recover the expired messages from Signal version 1.14.3,

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Signal, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]