this post was submitted on 07 Jul 2024
-1 points (40.0% liked)

Privacy

4194 readers
12 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
[email protected]
-1
Signal under fire for storing encryption keys in plaintext (stackdiary.com)
submitted 4 months ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 4 months ago* (last edited 4 months ago)

That's how encryption keys are typically stored.

If someone has enough access to your system that they can get to your stored encryption keys, you have much bigger problems.

[–] [email protected] 3 points 4 months ago

At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide. Full-disk encryption can be enabled at the OS level on most desktop platforms.

[–] [email protected] 2 points 4 months ago

Next in the news: cloud infrastructure engineer had ssh keys in plain text on their MacBook exposing 99999 servers! Everything you ever stored on the internet is potentially compromised!