security flaw: DoS attack possible by changing password

[abeluck]

Reported via email:

Hello,

With regard to your note cipher app, it has a major security flaw which allows for a major security breach.

Once the app is setup and your password is setup, you can exit out of the app and re-enter the app as if you were someone who picked up your phone and launched the app. When opening the app up, it asks for your passphrase. You can just hit cancel out of that screen and press your native Android key that displays menu options.

Once you do this, the menu options for the app pop up. One of the options is to change the passphrase. You can easily choose that option, go through the process of changing the passphrase and the app will actually change the passphrase, even though the real master passphrase has never been entered, thereby locking you out of your own app. Once you try to re-enter with your initial passphrase (not the one someone else setup) it will not let you enter.

Obviously, this is a major security breach that needs immediate attention.

Please notify me that you have received this.

Thank you very much.

[redacted]

[uberspot]

This is probably for the older version that's up in play store? In the latest upstream there isn't an option anymore to change passphrase. Not yet at least. Also i'm submitting a pull request now cause I checked the code again and I have forgotten a check for when cacheword is locked when opening the settings screen.

p.s. the play store edition can be updated as soon as https://github.com/guardianproject/notecipher/issues/28 is fixed

[abeluck]

@uberspot, yea you're right. Speaking of which, cacheword now supports changing passphrases.

Want to implement that feature in the new version of notecipher?

[uberspot]

Ok, I'll add it to the settings as soon as I have some time. :) Also #28 still remains and I'm not sure how to fix that. Edit: done