Signal downplays encryption key flaw, fixes it after X drama
Signal downplays encryption key flaw, fixes it after X drama
www.bleepingcomputer.com Signal downplays encryption key flaw, fixes it after X drama
Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018.
You're viewing a single thread.
6 comments
The comment about waiting until there's twitter drama to fix something is spot on. It took them a few days to fix this and it could've saved them the bad publicity for such an obvious fix.
Others have been asking for a password prompt for years too. Using the local keychain is good, though a user-defined password is a good option too. However, many people have terrible opsec and would probably opt for horribly weak passwords.
At least something has finally been done.
6 comments