Context: I found a bug, the bug can be exploited such that different members of a group see different conversations.
There are plenty of contexts where I would consider this a (low-medium) security issue, and given the nature of the bug I expect there might be additional security considerations.
But before spending time writing up the issue I'd like to confirm that this is something that Signal considers security-sensitive / or i'll just dump it on github eventually.
This is an honest question that I could not find the answer to.
I *think* users implicitly expect transcript consistency.
I know that at one point transcript consistency was a property that was discussed as being desired, and then I think I remember a point at which transcript consistency was technically weakened?
But github timed me out for loading too many pages in the hunt for any kind of confirmation.
@sarahjamielewis Dunno for sure, but I think they consider it a UX issue rather than security. Having all users see the same messages is probably a high priority, same order isn't because you don't know that the order you received them is ever the order they were sent in thanks to network latency variations and time-sync discrepancies.
How would you use message ordering differences to compromise the group itself? As opposed to just confusing users about what was said.
@tknarr I would argue that technically speaking a set of out-of-order messages is indistinguishable from a distinct set of messages (assuming an unbound transcript length) - though in this case I am specifically focused on the cases which go beyond message ordering.
(Under some security models "confusing users about what was said" is simply a compromise of the group - though in other cases one can imagine such a capability being useful when combined with social engineering)
Context: I found a bug, the bug can be exploited such that different members of a group see different conversations.
There are plenty of contexts where I would consider this a (low-medium) security issue, and given the nature of the bug I expect there might be additional security considerations.
But before spending time writing up the issue I'd like to confirm that this is something that Signal considers security-sensitive / or i'll just dump it on github eventually.
@sarahjamielewis I can't speak to your question, but I've seen message ordering differences happen just by accident (based on when people come online/have network access) so they're probably not trying very hard on this front.
(It's quite disorienting.)
@sarahjamielewis I'd sure hope they consider it a vulnerability, especially in the present day as more and more people are using Signal group chats for organizing protests, etc.
@sarahjamielewis what's a transcript?
a technical term for the (cryptographic) conversation thread i.e. a (partial) ordering of what messages were sent, by who and when.
Transcript consistency relates to the property that all members of a group will agree on the partial ordering.
@sarahjamielewis does it not just order messages by outgoing timestamp? Or does it order them by the order in which they're received by the app?
"ordering" doesn't just relate to how to order the messages but also if a message was sent / if a message was received by all members of a group.
A better way to say it might be: "all members of a group agree on what was said in the group / when it was said / by whom it was said"
Or "to what extent can members of the group notice if they don't receive a message from someone else (and others do) or if they receive a different message than everyone else."
@sarahjamielewis I think that's hard to solve because of the Two Generals Problem https://en.wikipedia.org/wiki/Two_Generals%27_Problem
