I don’t see refenece in this article or any others, but how did prosecutors get access to SBF’s Signal messages?

Was it simply a court order that he unlock his phone (and agreed), or a codefendant who flipped to the prosecution and handed over the thread?

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    1 year ago

    None of the screenshots had self destruct timers, so I’m not sure how they were using signal… kinda looks like signal desktop

    more of the screenshots arnt cropped, they do have disappearing message timers, but they are using signal desktop, which doesn’t do local encryption. So those disappearing messages are still on disk floating around…

    (Signal desktop AFAIK has a terrible security posture, not secure at all)

    • ikiru@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Is there a way to clear messages from the disk other than by deleting the Signal Desktop app itself or is that sufficient?

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Not really. Once data is written to disk it’s more or less there forever. At least from a risk perspective.

        If your disc is encrypted, you can change the disc encryption key, throw away the old key, then it doesn’t matter that the data is there you no longer have the key so the date is lost.

        Most people use full disc encryption, and they’re unlikely to want to throw away all of their data just for signal.

        Unless you’re using a container to run signal, or a virtual machine, or qubes : with disc encryption, then anything signal writes to the hard disk is more or less there forever from a risk perspective.