Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018.
The comment about waiting until there’s twitter drama to fix something is spot on. It took them a few days to fix this and it could’ve saved them the bad publicity for such an obvious fix.
Others have been asking for a password prompt for years too. Using the local keychain is good, though a user-defined password is a good option too. However, many people have terrible opsec and would probably opt for horribly weak passwords.
The comment about waiting until there’s twitter drama to fix something is spot on. It took them a few days to fix this and it could’ve saved them the bad publicity for such an obvious fix.
Others have been asking for a password prompt for years too. Using the local keychain is good, though a user-defined password is a good option too. However, many people have terrible opsec and would probably opt for horribly weak passwords.
At least something has finally been done.
Anti Commercial-AI license