- cross-posted to:
- privacy@lemmy.world
- privacy@lemmy.ca
- cross-posted to:
- privacy@lemmy.world
- privacy@lemmy.ca
How in the removed are people actually defending signal for this, and with stupid arguments such as windows is compromised out of the box?
You. Don’t. Store. Secrets. In. Plaintext.
There is no circumstance where an app should store its secrets in plaintext, and there is no secret which should be stored in plaintext. Especially since this is not some random dudes random project, but a messenger claiming to be secure.
Edit: “If you got malware then this is a problem anyway and not only for signal” - no, because if secure means to store secrets are used, than they are encrypted or not easily accessible to the malware, and require way more resources to obtain. In this case, someone would only need to start a process on your machine. No further exploits, no malicious signatures, no privilege escalations.
“you need device access to exploit this” - There is no exploiting, just reading a file.
You. Don’t. Store. Secrets. In. Plaintext.
SSH stores the secret keys in plaintext too. In a home dir accessible only by the owning user.
I won’t speak about Windows but on Linux and other Unix systems the presumption is that if your home dir is compromised you’re removeded anyway. Effort should be spent on actually protecting access to the home personal files not on security theater.
E2EE is not supposed to protect if device get compromised.
One could argue that Windows is compromised right out of the box.
Source:
Microsoft are integrating adware and spyware straight into the os.