105

Signal under fire for storing encryption keys in plaintext(stackdiary.com)

posted
*
by
Avatar
Recant@beehaw.org
in
Avatar
foss@beehaw.org
46 comments
hidereport

As mentioned in the comments, plain text keys aren’t bad because they are necessary. You have to have at least one plain text key in order to be able to use encryption

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
i_am_not_a_robot@discuss.tchncs.de
3 points

The link is broken, but this is apparently an issue with Signal Desktop, not regular Signal. The proposed solution does not work on Windows: https://www.electronjs.org/docs/latest/api/safe-storage

[…] content is protected from other users on the same machine, but not from other apps running in the same userspace.

It’s unfortunately about the best you can do on Windows.

permalink
report
reply
Avatar
Recant@beehaw.orgOP
1 point

Thanks for the heads up on the broken link! I fixed it.

permalink
report
parent
reply

Free and Open Source Software

!foss@beehaw.org

Create post

If it’s free and open source and it’s also software, it can be discussed here. Subcommunity of Technology.

This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

Community stats

  • 769

    Monthly active users

  • 413

    Posts

  • 2.2K

    Comments

Community moderators