Signal under fire for storing encryption keys in plaintext
Signal under fire for storing encryption keys in plaintext
Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application. Researchers and app users are raising
![Signal under fire for storing encryption keys in plaintext](https://lemm.ee/api/v3/image_proxy?url=https%3A%2F%2Fstackdiary.com%2Fwp-content%2Fuploads%2F2024%2F07%2Fsignal-app-under-fire-for-security-issue.jpg&format=webp&thumbnail=256)
You're viewing a single thread.
on desktop devices
Kinda should have been in the headline
114 0 ReplyIt is a super important detail, but it's still unforgivable for an app that expects privacy to be part of its brand identity.
42 0 Replyunforgivable
yeah absolutely agreed
7 0 ReplyThis is a big difference between privacy and security.
1 0 ReplyAgreed
But you can't have privacy without security, and any privacy brand must have security in their bones.
0 0 ReplyYou can't encrypt anything without a key. This is the key. If it wasn't in plaintext then it would be encrypted. Then you'd need a key for that. Where do you put it?
Phone OSs have mechanisms to solve this. Desktop ones do not.
4 0 Reply