berty icon indicating copy to clipboard operation
berty copied to clipboard
verified publisher icon berty

Berty can actually be screenshotted

Open bowknot opened this issue 2 years ago • 8 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Berty product

Mobile app

Berty product version

V2.431.2

OS

Android

OS version

android12

Device

No response

Steps to reproduce

Briar, status, and session cannot be screenshotted. Only your software can be screenshotted. It is too dangerous.

Current behavior

Briar, status, and session cannot be screenshotted. Only your software can be screenshotted. It is too dangerous.

Expected behavior

No response

Other

No response

bowknot avatar Sep 25 '23 13:09 bowknot

you can take a picture of your phone with another phone on any application, so this "security" is very limited

n0izn0iz avatar Sep 25 '23 15:09 n0izn0iz

you can take a picture of your phone with another phone on any application, so this "security" is very limited

In China, mobile phones are monitored and screenshots can be taken and uploaded at any time. No other IM software can take screenshots. Only Berty can take screenshots. You foreigners can't understand this.

bowknot avatar Sep 25 '23 23:09 bowknot

good point, thanks for the info are you sure that the application can really prevent the OS from taking the screenshots though?

n0izn0iz avatar Sep 27 '23 12:09 n0izn0iz

1 - Hi @bowknot, could you share more about how this "phone monitoring system" works? It seems inefficient to flag Berty as "do not take screenshots" when phone's operating system is already compromised.

2 - Maybe we misunderstood you. Are you asking us to remove or disable the ability to take screenshots just to avoid attracting the attention of authorities?

iuricmp avatar Sep 28 '23 08:09 iuricmp

good point, thanks for the info are you sure that the application can really prevent the OS from taking the screenshots though?

I have tried it, and it is true that the briar, session, and status cannot take screenshots.

bowknot avatar Sep 28 '23 11:09 bowknot

1 - Hi @bowknot, could you share more about how this "phone monitoring system" works? It seems inefficient to flag Berty as "do not take screenshots" when phone's operating system is already compromised.

2 - Maybe we misunderstood you. Are you asking us to remove or disable the ability to take screenshots just to avoid attracting the attention of authorities?

It’s not very clear, but it will be randomly captured by a popular Chinese “WeChat” application, and Chinese mobile phones will also upload the application name. So I strongly urge you to add the function to prevent screenshots.

bowknot avatar Sep 28 '23 11:09 bowknot

Hi @bowknot ! thanks for pointing this up. For the moment our tech team is quite small and we have to be extremely selective in where we choose to focus our efforts.

Like @iuricmp said before, does it even matter if we disable the screen-shot option or not if the phone/device si compromised? We're not convinced it would make a difference.

We'd love so say yes and add this to our roadmap, but we need to be sure this would really make a difference (which we are not right now) and really consider the security implications. Otherwise we risk delivering just a "warm and fuzzy" sensation of security instead of real protection.

So for the moment we put this suggestion aside, be we don't forget it. Maybe in the future we will understand it better and if we'll have the resources we might even work on it. Hope you'll understand.

Sincere thanks for signalling this to us.

costinberty avatar Sep 29 '23 09:09 costinberty

Will track this as a feature request to disable screen shots. Put in backlog until we have time to investigate.

jefft0 avatar Sep 29 '23 13:09 jefft0