
Because they typically can be easily falsified.


You could have the logs signed with Slack's PGP key so they cannot be altered without the signature causing a mismatch.


Arguably, but what if the company wants to find proof of, say, two employees colluding to exfiltrate sensitive data or something like that? Would they have to convince them to turn in the PGP signed logs?

More generally, like the parent, I don't see why a company couldn't have full control over their corporate tools.


> two employees colluding to exfiltrate sensitive data or something like that

In that case, spying on Slack usage is simply not enough: the employer would need to spy on every single move every employee makes inside and outside the company, which of course is not possible (well, except if the company is located in a fascist state).


Not everybody is going to send one-time-pad private-key-encrypted messages using a 1000-character password.

It turns out that having access to slack alone would probably catch 95% of situations.


What if those two employees collude to do something like that via their own private phones? Should employers have access to those too?

It doesn't seem to me like any of this really does anything, since there are (and should be) plenty of ways that employees can communicate without their employer having access.


There are security issues here that you may not be aware of. For one example, if technically knowledgeable people want to falsify signed logs without having the signing key, they can simply keep a separate set of logs with actual innocuous conversations. Slack would sign those in your scenario without a problem. This is the canonical problem of keeping "double books".


While I agree with auditable access to employee DMs, there is a middle ground solution that trivially solves the problem you've presented. Instead of providing the employer with access to the employee's messages directly, logs can be signed at both the blob and message level. Then if an employee selectively turns over only some of their logs, the mismatch will be readily apparent.


Of course it can be solved! I was pointing out that the prior comment was incorrect.

If an employee is in possession of chat logs that if divulged will get them fired, they can simply delete the logs. "Sorry, the drive crashed. IT is working to fix it right now." Stepwise refinement to insecurely re-create security solutions is one of the reasons for many security vulnerabilities.

Logs are well understood, and logging of sensitive information is not just a small technical issue but a security issue. The same way that people shouldn't design their own crypto, when people design logging mechanisms for sensitive data, which is seemingly simple, they will almost always introduce these security errors, as in your post.

Unfortunately, there are also a number of legal issues (and possibly compliance issues) that need to be accounted for from redaction to anonymity and from GDPR to encryption.


Not sure what you mean by blobs? If Slack implemented a scheme like this, they should sign a message which includes metadata like the org name, channel name and timestamps in addition to text.


By blob I mean an archive dump of every message and the metadata you're describing. If that dump is hashed, selectively presenting messages in the dump is obvious.
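The blob-plus-message signing scheme sketched in the last few comments (per-message signatures over text plus org, channel and timestamp metadata, and a signature over a hash of the whole archive dump), as an added example that is not part of the thread and not any actual Slack feature. It assumes a hypothetical HMAC key standing in for the service's PGP signing key (a real deployment would use an asymmetric key so the verifier cannot forge), constructed sample messages, and a per-channel sequence number in the signed metadata, which the thread does not mention but which lets gaps be spotted even before the archive digest is compared.

```python
import copy
import hashlib
import hmac
import json

# Hypothetical stand-in for the service's signing key (assumption: HMAC is
# used only to keep the example dependency-free; real logs would be signed
# with an asymmetric key such as PGP or Ed25519).
SIGNING_KEY = b"stand-in-for-slack-signing-key"


def canonical(obj) -> bytes:
    # Deterministic serialisation so signer and verifier hash identical bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(data: bytes) -> str:
    return hmac.new(SIGNING_KEY, data, hashlib.sha256).hexdigest()


def verify(data: bytes, sig: str) -> bool:
    return hmac.compare_digest(sign(data), sig)


def sign_message(org, channel, seq, ts, author, text) -> dict:
    # Message-level signature: binds the text to its metadata so a message
    # cannot be moved to another channel, org or time without detection.
    msg = {"org": org, "channel": channel, "seq": seq, "ts": ts,
           "author": author, "text": text}
    return {"msg": msg, "sig": sign(canonical(msg))}


def sign_archive(signed_msgs: list) -> dict:
    # Blob-level signature: commits to every signed message, in order.
    digest = hashlib.sha256(canonical(signed_msgs)).hexdigest()
    return {"count": len(signed_msgs), "digest": digest,
            "sig": sign(digest.encode())}


def check_disclosure(presented: list, manifest: dict) -> list:
    """Return a list of findings; an empty list means the disclosure is
    consistent with the signed archive."""
    findings = []
    for entry in presented:
        if not verify(canonical(entry["msg"]), entry["sig"]):
            findings.append(
                f"message seq={entry['msg']['seq']}: signature invalid")
    if not verify(manifest["digest"].encode(), manifest["sig"]):
        findings.append("archive manifest: signature invalid")
    if hashlib.sha256(canonical(presented)).hexdigest() != manifest["digest"]:
        findings.append("archive digest mismatch: messages removed, added "
                        "or reordered")
    seqs = [e["msg"]["seq"] for e in presented]
    expected = list(range(1, manifest["count"] + 1))
    if seqs != expected:
        findings.append(f"sequence gap: expected {expected}, got {seqs}")
    return findings


def build_sample_log():
    # Constructed sample conversation in one channel.
    rows = [
        (1, "2024-01-05T09:00:00Z", "alice", "morning, can you review PR 12?"),
        (2, "2024-01-05T09:02:10Z", "bob", "sure, also: sending you the customer export tonight"),
        (3, "2024-01-05T09:03:30Z", "alice", "thanks"),
    ]
    signed = [sign_message("acme", "#eng", seq, ts, who, text)
              for seq, ts, who, text in rows]
    return signed, sign_archive(signed)


def drop_message(signed: list, seq: int) -> list:
    # Selective disclosure: hand over everything except one message.
    return [copy.deepcopy(e) for e in signed if e["msg"]["seq"] != seq]


def alter_message(signed: list, seq: int, new_text: str) -> list:
    # Tampering: change the text of one message but keep its old signature.
    out = copy.deepcopy(signed)
    for e in out:
        if e["msg"]["seq"] == seq:
            e["msg"]["text"] = new_text
    return out


if __name__ == "__main__":
    signed, manifest = build_sample_log()
    print("full:", check_disclosure(signed, manifest))
    print("dropped seq 2:", check_disclosure(drop_message(signed, 2), manifest))
    print("altered seq 2:", check_disclosure(
        alter_message(signed, 2, "sure, talk later"), manifest))
```

The two layers catch different things: the per-message signature (with the metadata the comment above asks for) exposes an edited or relocated message, while the archive digest and count expose a message that was simply omitted, which the per-message signatures alone would not, since every remaining signature still verifies.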



