Signal under fire for storing encryption keys in plaintext
stackdiary.comPopular encrypted messaging app Signal is facing criticism over a security issue in its desktop application. Researchers and app users are raising
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.81K Posts
- 70.6K Comments
- Modlog
You are telling me this has been going on for almost a decade now, and no one ever noticed ?
So we trust open source apps under the premise that if malicious code gets added to the code, at least one person will notice ? Here it shows that years pass before anyone notices and millions of people’s communications could have been compromised by the world’s most trusted messaging app.
I don’t know which app to trust after this, if any?
Why is this a shock? Someone would need to have already compromised your device. Even if it was encrypted with a password they still could install a key logger
It is easier to compromise a device than to try and compromise encrypted communications.
Matrix. You can host any version you want, and when you have to update, just do a version diff between you current and latest versions and check yourself.
Everyone knew that already tbh