From 12be85b9d2b8a3094fd527c843bb1a1527033fff Mon Sep 17 00:00:00 2001 From: redoomed1 <161974310+redoomed1@users.noreply.github.com> Date: Thu, 22 Aug 2024 10:37:19 -0700 Subject: [PATCH] update!: Move Molly from blog post to RTC page (#2729) Signed-off-by: Jonah Aragon Signed-off-by: Daniel Gray --- .../signal-configuration-and-hardening.md | 49 ++----------------- docs/real-time-communication.md | 39 ++++++++++++++- .../assets/img/messengers}/molly.svg | 0 3 files changed, 42 insertions(+), 46 deletions(-) rename {blog/assets/images/signal-configuration => theme/assets/img/messengers}/molly.svg (100%) diff --git a/blog/posts/signal-configuration-and-hardening.md b/blog/posts/signal-configuration-and-hardening.md index fc55db3441..bdab3763b7 100644 --- a/blog/posts/signal-configuration-and-hardening.md +++ b/blog/posts/signal-configuration-and-hardening.md @@ -1,7 +1,7 @@ --- date: created: 2022-07-07 - updated: 2023-05-06 + updated: 2024-08-23 authors: - contributors - matchboxbananasynergy @@ -199,46 +199,13 @@ If you use iCloud and you don’t want to share call history on Signal, confirm While it may be tempting to link your Signal account to your desktop device for convenience, keep in mind that this extends your trust to an additional and potentially less secure operating system. -If your threat model calls for it, avoid linking your Signal account to a desktop device to reduce your attack surface. - -### Endpoint Security - -Signal takes security very seriously, however there is only so much an app can do to protect you. - -It is very important to take device security on both ends into account to ensure that your conversations are kept private. - -We recommend an up-to-date [GrapheneOS](https://www.privacyguides.org/en/android/distributions#grapheneos) or iOS device. +Avoid linking your Signal account to a desktop device to reduce your attack surface, if your threat model calls for protecting against [:material-bug-outline: Passive Attacks](https://www.privacyguides.org/en/basics/common-threats/#security-and-privacy){ .pg-orange }. ### Molly (Android) -On Android you can consider using **Molly**, a fork of the Signal mobile client which aims to provide extensive hardening and anti-forensic features. - -!!! recommendation - - ![Molly logo](../assets/images/signal-configuration/molly.svg){ align=right } - - **Molly** is an independent Signal fork which offers additional security features, including locking the app at rest, securely shredding unused RAM data, routing via Tor, and more. - - [:octicons-home-16: Homepage](https://molly.im/){ .md-button .md-button--primary } - [:octicons-eye-16:](https://signal.org/legal/#privacy-policy){ .card-link title="Privacy Policy" } - [:octicons-info-16:](https://github.com/mollyim/mollyim-android/wiki){ .card-link title=Documentation} - [:octicons-code-16:](https://github.com/mollyim/mollyim-android){ .card-link title="Source Code" } - [:octicons-heart-16:](https://opencollective.com/mollyim){ .card-link title=Contribute } +If you use [Molly](https://www.privacyguides.org/en/real-time-communication/#molly-android) on Android to access the Signal network, there are a number of privacy- and security-enhancing features that you may want to explore. - ??? downloads - - - [:octicons-moon-16: Accrescent](https://accrescent.app/app/im.molly.app) - - [:simple-github: GitHub](https://github.com/mollyim/mollyim-android/releases) - -Molly offers two variants of the app: **Molly** and **Molly-FOSS**. - -The former is identical to Signal with the addition of Molly's improvements and security features. The latter, Molly-FOSS, removes Google's proprietary code, which is used for some key features (e.g., [FCM](https://en.wikipedia.org/wiki/Firebase_Cloud_Messaging) and Google Maps integration), in an effort to make it fully open-source. - -A comparison of the two versions is available in the [project's repository](https://github.com/mollyim/mollyim-android#readme). - -Both versions of Molly support [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds), meaning it's possible to confirm that the compiled APKs match the source code. - -#### Features +#### Privacy and Security Features Molly has implemented database encryption at rest, which means that you can encrypt the app's database with a passphrase to ensure that none of its data is accessible without it. @@ -251,7 +218,7 @@ Once enabled, a configurable lock timer can be set, after which point Molly will For the database encryption feature to be useful, two conditions must be met: 1. Molly has to be locked at the time an attacker gains access to the device. This can include a physical attack in which the attacker seizes your device and manages to unlock the device itself, or a remote attack, in which the device is compromised and manages to elevate privileges to root. -1. If you become aware that your device has been compromised, you should not unlock Molly's database. +2. If you become aware that your device has been compromised, you should not unlock Molly's database. If both of the above conditions are met, the data within Molly is safe as long as the passphrase is not accessible to the attacker. @@ -266,9 +233,3 @@ Signal adds everyone who you have communicated with to its database. Molly allow To supplement the feature above, as well as for additional security and to fight spam, Molly offers the ability to block unknown contacts that you've never been in contact with or those that are not in your contact list without you having to manually block them. You can find a full list of Molly's [features](https://github.com/mollyim/mollyim-android#features) on the project's repository. - -#### Caveats - -- Molly removes Signal's MobileCoin integration. -- Molly is updated every two weeks to include the latest features and bug fixes from Signal. The exception is security issues, which are patched as soon as possible. That said, you should be aware that there might be a slight delay compared to upstream. -- By using Molly, you are extending your trust to another party, as you now need to trust the Signal team, as well as the Molly team. diff --git a/docs/real-time-communication.md b/docs/real-time-communication.md index 998a8a2517..ef934b685e 100644 --- a/docs/real-time-communication.md +++ b/docs/real-time-communication.md @@ -67,6 +67,41 @@ We have some additional tips on configuring and hardening your Signal installati [Signal Configuration and Hardening :material-arrow-right-drop-circle:](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening) +#### Molly (Android) + +If you use Android and your threat model requires protecting against [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } you may consider using this alternative app, which features a number of security and usability improvements, to access the Signal network. + +
+ +![Molly logo](assets/img/messengers/molly.svg){ align=right } + +**Molly** is an alternative Signal client for Android which allows you to encrypt the local database with a passphrase at rest, to have unused RAM data securely shredded, to route your connection via Tor, and [more](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening#privacy-and-security-features). It also has usability improvements including scheduled backups, automatic locking, and the ability to use your Android phone as a linked device instead of the primary device for a Signal account. + +[:octicons-home-16: Homepage](https://molly.im){ .md-button .md-button--primary } +[:octicons-eye-16:](https://signal.org/legal/#privacy-policy){ .card-link title="Privacy Policy" } +[:octicons-info-16:](https://github.com/mollyim/mollyim-android/wiki){ .card-link title="Documentation"} +[:octicons-code-16:](https://github.com/mollyim/mollyim-android){ .card-link title="Source Code" } +[:octicons-heart-16:](https://opencollective.com/mollyim){ .card-link title="Contribute" } + +
+Downloads + +- [:simple-fdroid: F-Droid](https://molly.im/fdroid) +- [:octicons-moon-16: Accrescent](https://accrescent.app/app/im.molly.app) +- [:simple-github: GitHub](https://github.com/mollyim/mollyim-android/releases) + +
+ +
+ +Molly is updated every two weeks to include the latest features and bug fixes from Signal. The exception is security issues, which are patched as soon as possible. That said, you should be aware that there might be a slight delay compared to upstream, which may affect actions such as [migrating from Signal to Molly](https://github.com/mollyim/mollyim-android/wiki/Migrating-From-Signal#migrating-from-signal). + +Note that you are trusting multiple parties by using Molly, as you now need to trust the Signal team *and* the Molly team to deliver safe and timely updates. + +There is a version of Molly called **Molly-FOSS** which removes proprietary code like the Google services used by both Signal and Molly, at the expense of some features like push notifications. There is also a version called [**Molly-UP**](https://github.com/mollyim/mollyim-android#unifiedpush) which is based on Molly-FOSS and adds back support for push notifications with UnifiedPush, but it requires self-hosting a program on a separate computer to function. All three versions of Molly provide the same security improvements. + +Molly and Molly-FOSS support [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds), meaning it's possible to confirm that the compiled APKs match the source code. + ### SimpleX Chat
@@ -234,12 +269,12 @@ Session has a [whitepaper](https://arxiv.org/pdf/2002.04609.pdf) describing the Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page. -- Supports Forward Secrecy[^1] +- Supports forward secrecy[^1] - Supports Future Secrecy (Post-Compromise Security)[^2] - Has open-source servers. - Decentralized, i.e. [federated or P2P](advanced/communication-network-types.md). - Uses E2EE for all messages by default. - Supports Linux, macOS, Windows, Android, and iOS. -[^1]: [Forward Secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is where keys are rotated very frequently, so that if the current encryption key is compromised, it does not expose **past** messages as well. +[^1]: [Forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is where keys are rotated very frequently, so that if the current encryption key is compromised, it does not expose **past** messages as well. [^2]: Future Secrecy (or Post-Compromise Security) is a feature where an attacker is prevented from decrypting **future** messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties, since they lose access as soon as a key exchange occurs that is not intercepted. diff --git a/blog/assets/images/signal-configuration/molly.svg b/theme/assets/img/messengers/molly.svg similarity index 100% rename from blog/assets/images/signal-configuration/molly.svg rename to theme/assets/img/messengers/molly.svg