Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018.
“The database key was never intended to be a secret. At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide,” responded the Signal employee.
Tl:dr Signal is ‘insecure’ in the same way your mail is ‘insecure’ after you’ve opened it and it’s sitting on your counter. What, you don’t keep you mailed locked up inside you own house just in case someone breaks in?
I actually manually hash every letter I receive using a rotating cypher kept in a secure vault. Always rough when the letters include images… Had to invest in a storage unit for the pixel-by-pixel encryption of last year’s Christmas cards.
Tl:dr Signal is ‘insecure’ in the same way your mail is ‘insecure’ after you’ve opened it and it’s sitting on your counter. What, you don’t keep you mailed locked up inside you own house just in case someone breaks in?
I actually manually hash every letter I receive using a rotating cypher kept in a secure vault. Always rough when the letters include images… Had to invest in a storage unit for the pixel-by-pixel encryption of last year’s Christmas cards.
This is why I refuse to communicate sensitive information outside of telepathy. Know what I mean? 😵💫
Yeah I do, but please stop sending me unsolicited dick 'paths. Just because they’re secure doesn’t mean they’re wanted.
Sorry, my aim is poor. They were meant for your mom.