You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The fact that a new device can be linked, unbeknownst to the correspondent(s) has major security implications.
Example: Alice works for the TLA (Three-Lettered-Agency). Bob is a field agent. Alice is Bob's handler.
Bob's trust in Alice is context-dependent: while he is sure that, at work, Alice has been screened and has no means of recording his messages (photos, screenshots or otherwise), outside of TLA's premises all bets are off. If Alice is a mole for the Adversary, Alice could link a new device and gain access to all the previous information exchanged with Bob, with Bob being none the wiser, as there's no notification when a new device is linked and synchronized
Even if Bob tried to mitigate the risk by setting an expiration timer for his messages exchanged with Alice, trying to make sure the information vanishes before Alice leaves her office, due to the defect in the synchronization logic, no actual mitigation occurs.
Anything else?
No response
The text was updated successfully, but these errors were encountered:
Is there an existing request for feature?
What feature would you like?
The fact that a new device can be linked, unbeknownst to the correspondent(s) has major security implications.
Example: Alice works for the TLA (Three-Lettered-Agency). Bob is a field agent. Alice is Bob's handler.
Bob's trust in Alice is context-dependent: while he is sure that, at work, Alice has been screened and has no means of recording his messages (photos, screenshots or otherwise), outside of TLA's premises all bets are off. If Alice is a mole for the Adversary, Alice could link a new device and gain access to all the previous information exchanged with Bob, with Bob being none the wiser, as there's no notification when a new device is linked and synchronized
Even if Bob tried to mitigate the risk by setting an expiration timer for his messages exchanged with Alice, trying to make sure the information vanishes before Alice leaves her office, due to the defect in the synchronization logic, no actual mitigation occurs.
Anything else?
No response
The text was updated successfully, but these errors were encountered: