Introduce Threat model

[kmindi]

It would be good to know what attacks/threats were already considered in the current design and how they should be prevented. Additionally it would make sense to add those which were left out or are not considered at the moment.

Maybe this could be done in the context of a wiki page.

Threat related Issues

Uncategorized

• MasterSecret implements Parcelable, secure? #934 MasterSecret implements Parcelable, secure?
• Improve privacy of contact discovery #1299 Improve privacy of contact discovery
• Creation of group leaks name and included numbers to participants before any message is sent #1725 Creating of group leaks name and included numbers to participants before any message is sent
• Everyone who has my phone number can figure out that I use textsecure #3080 Everyone who has my phone number can figure out that I use textsecure
• different certificates served to my home internet connection vs. cell data #4300 different certificates served to my home internet connection vs. cell data (fits in more categories)
• SSL Certificate Problem #5100 SSL Certificate Problem
• Protection against Retroscope #5618 Protection against Retroscope
• Hyperlink previews #5724 Hyperlink previews

Being forced to do something:

• Featue Request: Quick way to wipe message database #175 Quick way to wipe message database
• i'm annoying #1512 Secondary Password to Erase All Messages

Traffic Analysis:

• Prevent Traffic Analysis #878 Prevent Traffic Analysis
• Feature request: Sending dummy short messages #328 Feature request: Sending dummy short messages

Message Security

• Forwarded SMS not being encrypted when not touching text #1073 Forwarded SMS not being encrypted when not touching text
• Reading "Encrypted" Messages without Password #1716 Reading "Encrypted" Messages without Password
• Enable sender to delete own messages from all parties in the conversation #1764 Enable sender to delete own messages from all parties in the conversation (more elaborate than Feature request: Message self destruct #900)
• IV is zero on Android 4.3 #2461 IV is zero on Android 4.3

Application

Application Locking:

• Optional Lock #784 Optional Lock
• Adaptively block recurring password entries  #1388 Adaptively block recurring password entries
• Feature request: Lock TextSecure upon connection to usb #268 Feature request: Lock TextSecure upon connection to usb
• After Crash Wrong Password Allowed Entry #1474 After Crash Wrong Password Allowed Entry
• Make disabling passphrase password protected #2761 Make disabling passphrase password protected
• [Security Risk] Login Screen and last character of password visible in app switcher #3017 Login Screen and last character of password visible in app switcher
• Lock screen with PIN entry not using FLAG_SECURE #4132 Lock screen with PIN entry not using FLAG_SECURE (PR Flag secure in all activities that extends BaseActionBarActivity #4152)
• App does not prompt for password #5116 App does not prompt for password

Application Storage Security:

• Switch to page-level database encryption. #4 Switch to page-level database encryption
• Too few rounds of PBKDF2 when encrypting master key with password #184 Too few rounds of PBKDF2 when encrypting master key with password
• MasterSecretUtil salt size of 8 bytes below NIST recommended minimum of 16 bytes #247 MasterSecretUtil salt size of 8 bytes below NIST recommended minimum of 16 bytes
• Improve storage encryption key iterations #570 Improve storage encryption key iterations
• Add possiblity to store key verification #1015 Add possiblity to store key verification
• Disable ADB backups for security reasons #1387 Disable ADB backups for security reasons

Application Runtime Security

• Protection against Retroscope #5618 Protection against Retroscope (reading secrets from RAM)

Denial of Service

• Potential "DOS" (android app, not server) vulnerability #6104 Potential "DOS" (android app, not server) vulnerability

Application hiding/obfuscation

• Ability to hide TS as another app #1190 [Feature Request] Ability to hide TS as another app

APK/Building/Packaging/Releases/Download

• Request: Google Play signed download alternative #127 Request: Google Play signed download alternative
• Check android sdk sha256 sum on Dockerfile #6121 Check android sdk sha256 sum on Dockerfile

Dependencies (e. g. other libraries)

• Speex decoder is vulnerable #6334 Speex decoder is vulnerable

Authentication:

• Allow different kinds of identifiers for registration #1085 Allow different kinds of identifiers for registration
• Fingeprint Exchange #826 Fingeprint Exchange

(Leak of) Personal Identifyalbe Information (PII) / Privacy:

• Anonymous bug reporting mechanism reveals personal info #6276 Anonymous bug reporting mechanism reveals personal info
• Bug report leaks authentication secrets #5570 Bug report leaks authentication secrets (Leaks contact phone numbers to log #4832, Logcat may contain phone numbers #5204, Personally-identifiable information (PII) is being included in logcat logs #6159)
• Overall Privacy-Compromise Created by Profile Feature #7064 Overall Privacy-Compromise Created by Profile Feature [Possible leak of Google Account Name via Profile default content]

Communicating/Showing Security related Issues

• Add Service Announcements #903 Add Service Announcements
• Choice of security presets during setup #838 [Feature Request] Choice of security presets during setup
• [UX] [security] Notification if plaintext message is received in encrypted conversation #2114 [UX] [security] Notification if plaintext message is received in encrypted conversation

Threat Model

• Document current security features and what attacks they should prevent
• Create an overview about the attacks which should be prevented
• Create security architecture diagrams
• Introduce Tests to ensure sourcecode always matches specification for security features

[lorenzhs]

There have been a few blog posts on this topic.
https://whispersystems.org/blog/advanced-ratcheting/
https://whispersystems.org/blog/asynchronous-security/
https://whispersystems.org/blog/simplifying-otr-deniability/

[generalmanager]

@kmindi Sorry for bothering you again, but I'd love to see #2114 mentioned here. Thanks for your effort!

[Quantum-cross]

I would argue that "#2761 Make disabling passphrase password protected" should be extended. Maybe an option that will immediately lock storage upon entering privacy settings, requiring the passphrase to change anything in the privacy settings and unlock the store again.

[kmindi]

@Robcross that comment should go in #2761

[automated-signal]

GitHub Issue Cleanup:
See #7598 for more information.