Is it possible to sneak a remote desktop viewer inside a SAFE app?

just out of curiosity, can I develop a native SAFE app (rust + SAFE App Launcher), and put a keylogger on it?

And what kind of data can I get? Only keys typed on my own app or keys from all the system, regardless of being typed on my app or not. Eg.: credentials to access the SAFE network, text typed on other SAFE apps, etc.

Can I also put a remote desktop viewer and send all images/data using a normal http connection? Or all SAFE apps will run on some kind of sandbox, maybe using some virtualization, with restricted access to the OS?

I think SAFE websites will be very secure, but I’m curious about binary SAFE apps.

PS: don’t get me wrong with these questions, I love this project, and even that if it’s possible to do what I’m suggesting, I think it’s a wonderful project.

1 Like

Depends on exactly what you want and performance issues.

Keylogging is simply done using messaging.

Remote desktop is harder to provide the performance needed for respectable screen updates. There are a number of solutions that could be used, but one has to define the security & anonymity desired.

Target - privacy&anonymity requirements?
support PC - privacy&anonymity desired?

If tech support helping customer then you could route all the screen updating over traditional encrypted internet. Essentially similar to traditional remote desktop and a VPN would provide a measure of anonymity for the tech support and hinder surveillance.

If total security&anonymity of SAFE needed then I see that a performance impact will have to be accepted and screen updates still occur through messaging with larger updates requiring an SD or immutable chunk, with the associated costs to PUT SD/chunk

1 Like

thanks for the reply @neo. There’s a lot of traditional software that I still don’t know how they will work on SAFE, and it’s good to know that it’s possible to build a remote support app on it.

But my question it’s about the bad guys :smile: How feasible is to build a flappy bird game clone, which will be apparently a normal safe app, but it’s actually a trojan - which will steal the safe credentials and transmit the victim desktop to a blackmailer. I know that I can do it on the traditional way (a C or Rust .exe file delivered on my safe website), but my question is: can I build a trojan to be lauched on the launcher? Or all launcher apps run on a sandbox?

I’m asking this because it seems that everyone thinks that open a SAFE app is so safe as to open a webpage, because in a some way, SAFE network will protect you from be stealing.

Any malware that keylogs/screen grabs will grab your keystrokes and screen, be it SAFE log in or google log in.

The is a thread on this question where people discuss solutions including a crypto device that is challenged and it responds to the client group for credentials checking. Another is a code sent to a separate device and entered.

But for the initial implementation of SAFE and the client uses keyboard entry of credentials.

The SAFE APP has no access to your credentials

so, there’s no way to a SAFE APP, started on the launcher, steal my SAFE credentials?

I mean, SAFE APPs aren’t just regular exe apps? Can’t I build a SAFE APP in rust, for instance?

I understood that a SAFE APP won’t directly ask for credentials, but it still can install a keylogger on my system right?

The ultimate goal here - and one of the most lauded points about the network - is that your credentials are never sent over the network. Therefore, there’s no way that an APP that only runs within the context of the launcher can steal credentials. That’s point #1.

Point #2 is that it doesn’t prevent the executable doing whatever the OS allows it to while it’s connected. So screen-grabbing/keylogging is possible.

As an aside here - If the data is to be sent over the SAFE Network, then someone will have to pay for the PUTs. If the launcher disallows a third-party to pay for PUTs (e.x. only the logged-in user can be billed - as it should be) then you’ll know that you’re PUTting a lot of data onto the network because any good wallet software will tell you so.

On the other hand, if it’s transmitted over http/s, that security aspect goes right out the window.

But back to point #1: If the OS that you’re on allows the executable to spawn other processes (like a keylogger/screen grabber/etc) outside of the launcher session (which only handles network authentication, not process execution - that’s the OS’s job) then those can continue to run after the connection to the SAFE Network is closed. However that means that either the data is stored on your local disk or transmitted over the existing internet.

Once a malicious program is running on your local computer it can act just like any other malicious program. The launcher does not “sandbox” apps - that is the user’s prerogative to do so via the OS.

TL;DR - Running executables is the OS’s job and is not dependant on the launcher - that only handles network authentication. Any executable can install/run malicious programs directly on the OS - and should be treated with the same caution as any other current application that is in existance (FOSS plug goes here). A malicious program can own the entire computer, including (but not limited to) your SAFE credentials if it is allowed to by the user.

Zero-knowledge proof and/or 2FA? Nice.

1 Like

thanks, that’s what I thought. But I wonder how many people on the community mistakenly think that a SAFE APP on the launcher can’t hurt them.

People are used to know that they can access whatever website without any concern - because no matter how malicious the website is, it can’t hurt its visitors. And I think there’s a lot of people on the community which thinks that SAFE APPs will work just like that. That they will be able to try any APP on launcher, and the worst which could happen is the APP hurt/steal its own data. And that’s very dangerous to people have this mindset.

I wonder how many people would choose the answer #1 if there’s a poll like that:

A SAFE APP started on the laucher can monitor you and steal your SAFE credentials?

  1. No. SAFE will protect me from this.
  2. Yes. They’re executables. They can do whatever they want.

You are a bit off on that one!

Not an in-depth link, but there are definitely attack vectors via the web browser. Keep in mind that amoung security professionals, sandboxing browsers is common practice. (Of course they/we’re tinfoil hat nuts – but…you know…scoreboard, right?) Maaaaaaybe those threats are not as blatantly obvious as what we’re describing here, but definitely relevant.

I’d say, though, that these would be more akin to an actual internet-utilizing desktop/mobile application.

But you are correct, and I’m sure that a little education would go a long way in mitigating these attacks. I mean, point blank, this is going to be a paradigm shift. No two ways about it. Sure, there may be a browser that can sandbox APPs for you, but that’s all it’ll really be doing. (along with displaying them as well)

And you brought up a good reason why a SAFEOS needs to be built. That is certainly necessary in the future for mass adoption - but right now, I think my colleagues here have got their heads wrapped around basic security practices well enough to lead this ever-blossoming community in the right direction.

1 Like

I was generally speaking. I think you get my point :wink:

My fear is that the non-techie user will hear about the SAFE network, then he’ll think that SAFE apps are designed to be used as webpages and then we’ll have a disaster.

Even here on this community I guess that many people don’t know that SAFE apps can be very dangerous - and I’m not talking about some obscure exploit, I’m talking about the way it was designed to be.

For instance, there’s a call here to build some apps to test the network. I can easily sneak some nasty code on my app (steal all keyboard inputs like safe credentials, cc accounts, see what they’re seeing on their screens, etc), and people will execute without any fear because they think that a SAFE APP can’t do this kind of things. And this false sense of safety is which will worsen the damages.

I’m not saying that the SAFE is flawed, just saying that people needs to be educated (as you mentioned) that SAFE APPs aren’t so safe as to access a SAFE webpage - that they need to have the same caution as they have installing any executable on their machines. SAFE provides a lot of safety, but not in this sense.

And I agree with you again: a SafeOS will provide event more safety, but still that people needs to be very aware of the risks of executing a non web APP.

1 Like

Well, this is supposed to be “Secure Access For Everyone”, so how can we make this secure?

My initial thought would be to have the launcher sandbox all SAFE applications. That seems like it would be difficult to implement, restrictive, and bug-prone. But it’s my go-to for security ATM. You got any thoughts?

1 Like