Signal under fire for storing encryption keys in plaintext
Signal under fire for storing encryption keys in plaintext
stackdiary.com Signal under fire for storing encryption keys in plaintext
Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application. Researchers and app users are raising
6
crossposts
You're viewing a single thread.
View all comments
48
comments
Not storing it in plaintext would require setting up some kind of password, right?
33 0 ReplySome way to encrypt the decryption key.
This could also mean TPM + Pin. Or using a Nitrokey, externally, which stores the password to decrypt the decryption key.
That is how user account unlocking (on GrapheneOS with Pixel phones) is done.
15 0 Reply
You've viewed 48 comments.
Scroll to top