Why is there no signal web client?
I’ve read about E2EE (end to end encryption) of Signal in web clients on a Signal Community discussion forum, and wonder why they say that the browser is insecure for E2EE and native apps are secure.
We want to develop some chat service like Signal with a web client, but this article confused us. Should we ship a web client or not?
Yes, HTTPS is used. The thread doesn't say that the web app will be completely insecure; instead it says:

"This effectively reduces the security of your end-to-end encrypted communication to that of your SSL connection to the server."

Which means that anyone who can control the SSL connection to the server can now intercept and eavesdrop on your E2EE communications. So who exactly can control the SSL connection?
Well, if a (possibly state-level) attacker controls/compromises a CA, they could issue a fraudulent certificate for the Signal web client server and attempt to MitM the SSL connection (this threat is limited, but not eliminated, by the use of certificate transparency). As @multithr3at3d pointed out, TLS inspection proxies at workplaces are a much more likely form of MitM and could cause problems if your employer was interested in compromising your private conversation. However, in such a case, the employer owns the machine and would probably just install a keylogger on it, so you would have bigger problems.
This threat is amplified by the fact that such malicious modification of the code served can be done in a targeted manner. The server can ensure that only a specific user/client is served the modified malicious code. This significantly reduces the chances of the modifications being detected and exposed.
"Actually we want to develop some chat service like Signal with a web-client, but this article made us confused about whether we should ship a web-client or not. Can anybody please explain it?"

This depends on your threat model (or rather the threat model of the intended audience of your chat service). Will those people just be using it for chatting with friends or communicating with colleagues? Or will it be used by whistleblowers trying to coordinate the disclosure of classified information with journalists? You will have to consider whether the risk outweighs the benefits and decide for yourself whether or not to ship a web client. If it's the former, then having a web client will not be a very big issue. This is closer to the use case of WhatsApp, and WhatsApp does have a web client. If it's the latter, then you had best follow Signal and stick to using desktop clients and apps which can be signed and their integrity verified.