Nemeski@lemm.ee to privacy@lemmy.ca · 6 个月前Signal under fire for storing encryption keys in plaintextstackdiary.comexternal-linkmessage-square16fedilinkarrow-up182arrow-down119cross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldprivacy@lemmy.mltechnology@lemmy.worldfoss@beehaw.orgprivacyguides@lemmy.one
arrow-up163arrow-down1external-linkSignal under fire for storing encryption keys in plaintextstackdiary.comNemeski@lemm.ee to privacy@lemmy.ca · 6 个月前message-square16fedilinkcross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldprivacy@lemmy.mltechnology@lemmy.worldfoss@beehaw.orgprivacyguides@lemmy.one
minus-squarepsvrh@lemmy.calinkfedilinkarrow-up4·6 个月前Doesn’t… doesn’t then OpenSSH client store keys in text files? I’m trying to figure out how this is an issue, other than maybe Signal should be using an OS level keystore.
minus-squareJerkface (any/all)@lemmy.calinkfedilinkEnglisharrow-up1·6 个月前They are text files but they are not “plaintext”. They are (optionally) encrypted with a user-supplied password. That is why you need ssh-agent to stay sane.
Doesn’t… doesn’t then OpenSSH client store keys in text files?
I’m trying to figure out how this is an issue, other than maybe Signal should be using an OS level keystore.
They are text files but they are not “plaintext”. They are (optionally) encrypted with a user-supplied password. That is why you need
ssh-agentto stay sane.