this post was submitted on 07 Jul 2024
15 points (64.2% liked)

Privacy

3931 readers
13 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
[email protected]
15
Signal under fire for storing encryption keys in plaintext (stackdiary.com)
submitted 1 month ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 39 points 1 month ago* (last edited 1 month ago)

That's how encryption keys are typically stored.

If someone has enough access to your system that they can get to your stored encryption keys, you have much bigger problems.

[–] [email protected] 38 points 1 month ago

At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide. Full-disk encryption can be enabled at the OS level on most desktop platforms.

[–] [email protected] 5 points 1 month ago

Next in the news: cloud infrastructure engineer had ssh keys in plain text on their MacBook exposing 99999 servers! Everything you ever stored on the internet is potentially compromised!