Signal forgets contact uses signal; sends insecure SMS without warning. #5531

Closed
JacobHenner opened this issue Jun 11, 2016 · 35 comments

JacobHenner commented Jun 11, 2016

Bug description

Every once in a while, and seemingly at random, Signal forgets that a contact uses Signal, and begins to send them unencrypted SMS without warning (see #4390). The UI also suggests inviting them to Signal, even though they have already registered. Refreshing my contacts does not fix the issue, nor does the contact resetting the secure session. Interestingly, all of the messages they send to me during this time remain encrypted. Re-registering my device with the directory is also ineffective. I have not been able to figure out how to fix this issue, and my messages remain unencrypted.

Steps to reproduce

  • Initiate conversation with contact.

Actual result: At an arbitrary time, conversation will switch to insecure SMS without warning. Signal will suggest inviting the contact, even though they use Signal, and their messages remain encrypted.

Expected result: Messages should remain encrypted. If for some reason that is no longer possible, a warning should be displayed.

Device info

Device: Droid Turbo
Android version: 5.1
Signal version: 3.16.0

Member

moxie0 commented Jun 12, 2016

Does the contact you're communicating with run some kind of weird ROM, alternate build of Signal, etc?

Author

JacobHenner commented Jun 13, 2016

@moxie0 The most recent contact I've had an issue with (I've had an issue with two) was using 3.15.2. Things were resolved when he updated today. However, this still shouldn't have happened, and even if there was some incompatibility between the outdated and current version, a warning should have been displayed since prior messages to the contact were encrypted.

Member

moxie0 commented Jun 13, 2016

The server considers someone incapable of receiving messages if their GCM or APN id is reported as being invalid/unregistered by the GCM or APN servers. This typically happens when they uninstall the app, in which case you do want Signal to revert back to SMS. However, it could inadvertently happen if they use Titanium Backup, some weird ROM, a 3rd party client, etc. I'd be interested to know if this contact somehow fucks with their phone, or if they're a total normal/stock user who somehow got unregistered.

Contributor

scienmind commented Jun 14, 2016

Regardless of the root cause of this particular issue, I do think there is a valid point being made about notifying the user in such case.

Just as we display a warning today in case of key mismatch, similarly, if this certain contact (number) that we used to contact via signal is not registered anymore, user should be notified.
From the user point of view, the two cases are somewhat alike - we cannot reliably contact them securely, even though we could do so before.

(Of course there is an indication by the button color and the dimmed text on the input line, but those are easy to miss once you get used to the app and work on an autopilot. An explicit, "unusual" message would be much more appropriate in such a case)

Edit: In my opinion, displaying a message similar to those of "group updates" in the conversation window, would be a reasonable way to go about it.

Author

JacobHenner commented Jun 16, 2016

@moxie0 Just spoke with the contact, he says he runs his phone's stock OS, did not uninstall the app, or use titanium backup.


stendler commented Jul 6, 2016

Well, this just happened to me.
Several of my contacts told me that they cannot reach me via Signal and they get told that I'm not registered.

Even stranger is this in combination with my Desktop-Apps. The Desktop programs can communicate with each other (I have myself as a contact), but my phone tells me that the contact "me" is unregistered.
Furthermore when I message from my phone I receive an error message on the desktops: "No record for device .1".
Also, any messages I send do not seem to be delivered (just one checkmark).
But when I reinitiate the encryption they get messaged about that - but still can only send unencrypted sms.

When I check the connected devices on mobile, it says at least that both desktop apps were active today.


I'm gonna unregister and reregister again tomorrow and see, if that fixes the problem.
Is there any information I could give you that you might need to solve this issue?

EDIT: I guess I'll create a support ticket then.

Contributor

2-4601 commented Jul 6, 2016

Debug logs could be helpful.
You could try to capture a log after you send a message from your Android client. Or when you receive a message. Also logs from the Desktop client might be useful. And if you can persuade one of your contacts to send a debug log after they send you a message that might help too.


stendler commented Jul 7, 2016

I guess I'll create a support ticket then.

I have the 3 debug logs now. But I could only sniff with wireshark on the desktops. And there is so much traffic on there. Any hints on how to filter for the traffic of the signal app?

On mobile I tried setting up an SSL capturer as a VPN, but somehow Signal does not send messages while this one is active (other app connections work).

Contributor

2-4601 commented Jul 7, 2016

As with the Android client you can capture a debug log within Signal Desktop itself. That's the preferred way to debug bugs with the clients.
(Not sure if capturing raw traffic will be of any help but the Desktop client uses the port 4433.)


stendler commented Jul 8, 2016

Welp, I guess I just attach those logs here. Somehow I cannot submit a support request.

signal_debug_LINUX.txt
signal_debug_ANDROID.txt
signal_debug_WINDOWS.txt


fouloleron commented Jul 9, 2016

I'm seeing similar behaviour.

I have Signal on latest Android, they have Signal on latest iOS on a new iPhone 6S. Just today I sent an insecure SMS when I intended to send a secure message via Signal. When they replied via Signal my app reset and sent messages via Signal again. Perhaps an hour later it's reset to sending to her via SMS again.


stendler commented Jul 9, 2016

@fouloleron That behaviour differs from what happened to me. Messages I sent via Signal didn't get delivered to them at all.

Update from my side: I finally unregistered and reregistered via the app. It now works all fine again. Just had to reconnect the desktop apps.


85pando commented Jul 11, 2016

Also got the problem that I cannot send messages to another person, but he can send to me:

signal-osx.txt


fouloleron commented Jul 11, 2016

Perhaps I didn't dig deep enough initially - I hadn't realised that the other party, who has two phones, had registered Signal on one phone using the other phone's number. I wouldn't be surprised if that muddied the waters a bit.


samhiatt commented Nov 20, 2016

I just experienced this behavior. I've noticed the same thing before, several months ago, but it just happened again. For a period of about ten minutes or so I was unable to send Signal messages to my contact. At first we didn't notice our convo had gone insecure and we sent several insecure SMS before noticing. While we were trying to figure it out I did receive one secure Signal message from my contact, and I am 99.9% certain that when I started writing my message saying, "oh, we're back on signal" the edit box said "Send Signal message", however it ended up being sent via insecure SMS. :/

My contact reinstalled Signal, and right after I received the next secure Signal message from him I received 7 notifications all at once saying 7 new contacts had just joined Signal. Anyway, this hints to me that, as @moxie0 suggested, the GCM or APN id must have been reporting as being invalid/unregistered by the GCM or APN servers, however I bet the cause was due to a temporary server outage rather than an issue with the device or local installation.

At any rate, if Signal can't verify the identity of the message recipient for whatever reason at the time I try to send it, I would expect Signal to notify me that it can't verify, and certainly not fall back to insecure SMS while giving very little UI indication. Don't allow users to inadvertently continue their conversation over insecure channels when this happens.

I'd strongly push for a feature that actively prevents me from ever sending SMS (or any insecure comm) to a contact with whom I've already initiated a secure Signal convo.
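
The behaviour requested in this thread by scienmind (an explicit notice when a previously secure contact appears unregistered) and by samhiatt (never fall back to SMS silently) can be written as a small send policy. This is an added example, not code from Signal or from any commenter; the `Conversation` state, `decide`, `acknowledge_downgrade` and the directory lookup sequences passed to `replay` are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum


class Decision(Enum):
    SEND_SECURE = "send over the encrypted channel"
    SEND_SMS = "send as plain SMS"
    HOLD_AND_WARN = "hold the message and show a downgrade warning"


@dataclass
class Conversation:
    # Hypothetical per-contact state; not Signal's actual data model.
    ever_secure: bool = False            # we have sent to this contact encrypted before
    downgrade_acknowledged: bool = False  # user accepted SMS for the current outage
    notices: list = field(default_factory=list)  # in-conversation status lines


def decide(conv: Conversation, directory_registered: bool) -> Decision:
    """Pick a transport without ever leaving a secure conversation silently."""
    if directory_registered:
        if conv.downgrade_acknowledged:
            conv.notices.append("Contact is reachable securely again.")
        conv.ever_secure = True
        conv.downgrade_acknowledged = False  # a later downgrade must warn again
        return Decision.SEND_SECURE
    if not conv.ever_secure:
        return Decision.SEND_SMS             # plain SMS contact, nothing to downgrade
    if conv.downgrade_acknowledged:
        return Decision.SEND_SMS             # user explicitly accepted the fallback
    conv.notices.append("Contact now appears unregistered; message not sent.")
    return Decision.HOLD_AND_WARN


def acknowledge_downgrade(conv: Conversation) -> None:
    """Called only from an explicit user action in the warning dialog."""
    conv.downgrade_acknowledged = True


def replay(directory_states, acknowledge_at=None):
    """Run constructed directory lookups through the policy, one send per lookup."""
    conv, out = Conversation(), []
    for i, registered in enumerate(directory_states):
        if i == acknowledge_at:
            acknowledge_downgrade(conv)
        out.append(decide(conv, registered))
    return out, conv.notices
```

The acknowledgement is cleared as soon as the contact is seen registered again, so an intermittent registration flap like the ones reported here produces a fresh warning each time rather than a one-time consent.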

@2-4601 2-4601 added the bug label Nov 20, 2016
Contributor

2-4601 commented Nov 20, 2016

Possibly duplicate of #4468 or related.

FWIW, I received a notification that a contact has joined Signal today. This contact has been a Signal user for over a year. I have not had any conversation with this contact in the past days so I don't know if I would have experienced the switch to insecure transport. Now the transport method is showing Signal.

Also note that in #4468 there was a comment just now:

I'm having this problem in two conversations one disabled conversation a few days the other one today. In both cases I can still receive encrypted messages but am unable to send them messages. Signal just shows the gray SMS message button.

Debug log


zouroboros commented Nov 20, 2016

Also I can still send encrypted messages using the desktop client. It just doesn't work with the phone client.

Contributor

2-4601 commented Nov 23, 2016

Related #5884 (comment)


samhiatt commented Nov 23, 2016

I also experienced the exact same behavior as described in issue 4468 when this happened the other day. Just emailed Moxie the numbers.

Contributor

Trolldemorted commented Nov 28, 2016

@moxie0 one of my contacts is affected by this/#5859 again (stock rom, a samsung whatever smartphone). His smartphone crashed(?)/rebooted several times in the last few days, could that have caused it?

Do you need more debug logs/affected phone numbers?


Keiphyn commented Dec 9, 2016

I'm having a similar issue (I think). I am in the United States and my contact is in Argentina. I'm seeing her messages with the lock icon, but I'm seeing in my text bar "Send unsecured SMS".

We both have Signal. I updated my application as well as uninstalled/reinstalled.

I'm not sure what to do next..
Thank you for any help you can provide.

Contributor

2-4601 commented Dec 9, 2016

@Keiphyn Your issue could be #1511.


riyapenn commented Dec 9, 2016


Keiphyn commented Dec 9, 2016


grinapo commented Mar 2, 2017

The same "old" contact which has failed on #6232 has worked in a chat, then the next time I tried to reply to a secure message I got "unsecured only" and calling defaults back to phone call as well. I saved the debug log but I don't see anything relevant:
https://gist.github.com/anonymous/689a27f2728f703709281c62aa16d01a
Maybe someone with a keen eye...

Contributor

scienmind commented Mar 2, 2017

A frequent contact of mine, call him "Alice", became "unregistered" in the eyes of every one of his contacts - that is, no one can send him encrypted messages, while "Alice" himself can send encrypted messages as before, and everyone can receive them successfully (without any extra warnings).

It started on February 28th, and was eventually resolved 2 days later by "Alice" unregistering and re-registering again.

Unfortunately "Alice" failed to obtain any logs during the "buggy" period.


ddddavidmartin commented Mar 2, 2017

I had a similar observation on my end. One of my contacts became unregistered on the 23rd of Feb and came back on 26th of Feb. They could still send secure messages to me, but I could not send them back. The desktop app refused because the contact was unregistered and the Android app only allowed to fall back to SMS.

I followed parts of the support guide (FIRST and SECOND step, re-registering my device and resyncing my contacts), which did not help.

I gave up on the issue and after three days it worked again without apparent changes from our side.
The other side's Signal is running on stock Android for what it is worth. The phone numbers are both Australian. I do not have any debug logs unfortunately.

@moxie0 moxie0 added this to the 3.31.0 milestone Mar 3, 2017
moxie0 added a commit that referenced this issue Mar 6, 2017
Member

moxie0 commented Mar 6, 2017

This should be fixed in 3.31.0. It seems that, for some reason, some people's devices have reported "uninstall" events to GCM when they didn't really uninstall. This change just more aggressively keeps clients registered.

@moxie0 moxie0 closed this as completed Mar 6, 2017
elliptic1 pushed a commit to elliptic1/Signal-Android that referenced this issue Mar 11, 2017

outsideyourbox commented Jul 31, 2017

Am I understanding correctly, moxie0?
Signal sends unencrypted messages for a random reason. 'we fixed the random reason, but we left intact the potential for this to repeat'


ka223 commented Sep 5, 2017

Had something similar now on Signal 4.9.9.

I can suddenly only send unencrypted SMS (from both my devices) to one of my contacts.
24h later, after he was at a wifi network, suddenly Signal messages reappear at this contact, without any action.


ka223 commented Sep 7, 2017

And again, from one message to another, only insecure SMS is available for this contact. This is very annoying.


mfelaco commented Nov 1, 2017

This just happened to me, and it's happened before... It shouldn't be a closed issue. Sending an unsecured SMS can have very real security implications, so please pay attention to this.


Legogris commented Nov 3, 2017

I have this too. Occasionally I only have the option to "send insecure SMS" with contacts I have existing conversations with, and then an hour later it changes back to normal.

This is REALLY bad, since it can make people send unencrypted SMS by mistake.


UbuntuBabyDragon commented Nov 19, 2017

Just got an LG-H932 V30 running Android V.7.1.2, downloaded the app. It was running fine until this same situation also started happening to me.


vertigo220 commented Apr 7, 2018

I had a similar (the same?) issue yesterday. I've had Signal installed for probably about a month now, and I was having a conversation with a friend who I had install it around the same time, but then he uninstalled it last week (due to another issue he had with it) and reinstalled it sometime in the past couple days. While texting with him yesterday, it was secured at first, but then it randomly switched to unsecured (on my end, not sure about his), then back to secured, then back to unsecured, and it stayed like that for hours. Today it's showing secured again. I don't know if it's because of some confusion caused by him uninstalling then reinstalling. I have Signal set as my default SMS/MMS app, he doesn't (though that shouldn't matter). Both our phones are stock. He did say he just updated his phone, either to Android 8 or an update on top of 8, not sure (I can find out if needed, but I doubt it matters, since if that were the issue it seems it would have been broken the whole time, not intermittently). Unfortunately, I didn't think to check if my other Signal contact was unsecure as well, nor did I try force-closing Signal, though I did try swiping it from recent apps and relaunching it. We were both on Wi-Fi at the time, so that shouldn't be the problem. I was doing a big download, so my bandwidth was stretched pretty thin, but that shouldn't have caused Signal to resort to using the cell network, especially since I had poor signal at the time. And where he was, even if for some reason it would have switched from Wi-Fi to the network, he would have had data. Also, all his messages to me were secure, so it doesn't seem to be network related.

Here's a debug log taken while it was happening: https://debuglogs.org/1699f3d293636eb9894a179bdf3a1f8a52b223681a0afebd69ac9db3265f8edd

Also, this may be related to #7016

I'm using a Moto Z Play running 7.1.1

As a final note, this topic should be tagged with "unsecure," since that's the proper term, not "insecure," which means something completely different. It took far too much digging to find it because of this.
