I’d be more interested in allowing more than one Android device at a time like MySudo. They let you link Windows with a phone so I wouldn’t think it would be too hard to implement.
Comment on Under Meredith Whittaker, Signal Is Out to Prove Surveillance Capitalism Wrong
sugar_in_your_tea@sh.itjust.works 3 weeks agoYeah, hopefully. It would also be awesome to have a web login so I could access messages and whatnot when using someone else’s computer w/o having to install something.
I don’t know what direction they’re going, but I’m honestly okay with the caveats that currently exist.
Manalith@midwest.social 3 weeks ago
01189998819991197253@infosec.pub 3 weeks ago
Having web logon would mean they would need to hold the decryption key in some form (or have a weak decryption key, your credentials), so, while convenient, I think it would degrade security and possibly privacy. Unless you mean to receive new messages, the way the desktop app works?
Laborer3652@reddthat.com 3 weeks ago
Not if they used WebAssembly to do all the decryption locally.
01189998819991197253@infosec.pub 3 weeks ago
I can’t tell if you’re joking haha
sugar_in_your_tea@sh.itjust.works 3 weeks ago
Why would they be joking? There’s really not a big difference between how their mobile and desktop apps work and what’s possible in the web. It can fetch the keys from my computer or my phone just like their other apps work, and store the keys and whatnot encrypted in temporary local storage, just like on the phone. WebAssembly could allow them to share the code and retain similar performance.
I honestly don’t see an issue here. If they need help, I’d be happy to lend a hand.
Laborer3652@reddthat.com 2 weeks ago
Why? C++ does wasm and I’m pretty sure the signal client is already written in C++. It definitely wouldn’t be something that could be pulled off quickly, but the ability to securely run code like this is kind of the whole point of wasm as I understand it, no?