Signal under fire for storing encryption keys in plaintext on desktop app
Signal under fire for storing encryption keys in plaintext on desktop app
Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application. Researchers and app users are raising
You're viewing a single thread.
Whatever its stores and however it stores it doesn't matter to me: I moved its storage space to my ~/.Private encrypted directory. Same thing for my browser: I don't use a master password or rely on its encryption because I set it up so it too saves my profile in the ~/.Private directory.
See here for more information. You can essentially secure any data saved by any app with eCryptfs - at least when you're logged out.
Linux-only of course. In Windows... well, Windows.
Or ext4 encrytion. Which is overpowered. You can have different keys for different files and directories.