Comment on Signal under fire for storing encryption keys in plaintext on desktop app

root@precious.net ⁨4⁩ ⁨months⁩ ago

Under normal circumstances I wouldn’t expect any privacy between processes on a desktop OS under the same UID.

If you use Chrome’s password manager on Windows your password database is unlocked with your password upon login and is available to every process you run.

There’s only so much you can do, as an app, to protect against OS deficiencies.

The desktop app on Windows is a sacrifice of security for convenience.

source
Sort:hotnewtop