Nemeski to Privacy Guides@lemmy.oneEnglish • 6 months agoSignal under fire for storing encryption keys in plaintextstackdiary.comexternal-linkmessage-square45fedilinkarrow-up1213arrow-down10cross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldprivacy@lemmy.mltechnology@lemmy.worldfoss@beehaw.orgprivacy@lemmy.ca
arrow-up1213arrow-down1external-linkSignal under fire for storing encryption keys in plaintextstackdiary.comNemeski to Privacy Guides@lemmy.oneEnglish • 6 months agomessage-square45fedilinkcross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldprivacy@lemmy.mltechnology@lemmy.worldfoss@beehaw.orgprivacy@lemmy.ca
minus-square@breadsmasher@lemmy.worldlinkfedilinkEnglish121•6 months ago on desktop devices Kinda should have been in the headline
minus-square@Tramort@programming.devlinkfedilinkEnglish45•6 months agoIt is a super important detail, but it’s still unforgivable for an app that expects privacy to be part of its brand identity.
minus-square@breadsmasher@lemmy.worldlinkfedilinkEnglish8•6 months ago unforgivable yeah absolutely agreed
minus-square@brakebreaker101@lemmy.worldlinkfedilinkEnglish3•6 months agoThis is a big difference between privacy and security.
minus-square@Tramort@programming.devlinkfedilinkEnglish3•6 months agoAgreed But you can’t have privacy without security, and any privacy brand must have security in their bones.
minus-square@claudiop@lemmy.worldlinkfedilinkEnglish7•6 months agoYou can’t encrypt anything without a key. This is the key. If it wasn’t in plaintext then it would be encrypted. Then you’d need a key for that. Where do you put it? Phone OSs have mechanisms to solve this. Desktop ones do not.
Kinda should have been in the headline
It is a super important detail, but it’s still unforgivable for an app that expects privacy to be part of its brand identity.
yeah absolutely agreed
This is a big difference between privacy and security.
Agreed
But you can’t have privacy without security, and any privacy brand must have security in their bones.
You can’t encrypt anything without a key. This is the key. If it wasn’t in plaintext then it would be encrypted. Then you’d need a key for that. Where do you put it?
Phone OSs have mechanisms to solve this. Desktop ones do not.