Nemeski@lemm.ee to Privacy Guides@lemmy.oneEnglish · 1 month agoSignal under fire for storing encryption keys in plaintextstackdiary.comexternal-linkmessage-square49fedilinkarrow-up1213arrow-down10cross-posted to: [email protected][email protected][email protected][email protected]
arrow-up1213arrow-down1external-linkSignal under fire for storing encryption keys in plaintextstackdiary.comNemeski@lemm.ee to Privacy Guides@lemmy.oneEnglish · 1 month agomessage-square49fedilinkcross-posted to: [email protected][email protected][email protected][email protected]
minus-squareTramort@programming.devlinkfedilinkEnglisharrow-up45·1 month agoIt is a super important detail, but it’s still unforgivable for an app that expects privacy to be part of its brand identity.
minus-squarebreadsmasher@lemmy.worldlinkfedilinkEnglisharrow-up8·1 month ago unforgivable yeah absolutely agreed
minus-squarebrakebreaker101@lemmy.worldlinkfedilinkEnglisharrow-up3·1 month agoThis is a big difference between privacy and security.
minus-squareTramort@programming.devlinkfedilinkEnglisharrow-up2·1 month agoAgreed But you can’t have privacy without security, and any privacy brand must have security in their bones.
minus-squareclaudiop@lemmy.worldlinkfedilinkEnglisharrow-up7·1 month agoYou can’t encrypt anything without a key. This is the key. If it wasn’t in plaintext then it would be encrypted. Then you’d need a key for that. Where do you put it? Phone OSs have mechanisms to solve this. Desktop ones do not.
It is a super important detail, but it’s still unforgivable for an app that expects privacy to be part of its brand identity.
yeah absolutely agreed
This is a big difference between privacy and security.
Agreed
But you can’t have privacy without security, and any privacy brand must have security in their bones.
You can’t encrypt anything without a key. This is the key. If it wasn’t in plaintext then it would be encrypted. Then you’d need a key for that. Where do you put it?
Phone OSs have mechanisms to solve this. Desktop ones do not.