ForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 9 个月前Signal under fire for storing encryption keys in plaintext on desktop appstackdiary.comexternal-linkmessage-square253fedilinkarrow-up1514arrow-down130cross-posted to: [email protected][email protected][email protected][email protected][email protected]
arrow-up1484arrow-down1external-linkSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 9 个月前message-square253fedilinkcross-posted to: [email protected][email protected][email protected][email protected][email protected]
minus-squarefuzzzerdlinkfedilinkEnglisharrow-up5arrow-down1·9 个月前I was just nodding along, reading your post thinking, yup, agreed. Until I saw there was a PR to fix it that signal ignored, that seems odd and there must be some mitigating circumstances on why they haven’t merged it. Otherwise that’s just inexcusable.
minus-square𝙲𝚑𝚊𝚒𝚛𝚖𝚊𝚗 𝙼𝚎𝚘𝚠linkfedilinkarrow-up7·9 个月前The PR had some issues regarding files that were pushed that shouldn’t have been, adding refactors that should have been in separate PRs, etc… Though the main reason is that Signal doesn’t consider this issue a part of their threat model.
I was just nodding along, reading your post thinking, yup, agreed. Until I saw there was a PR to fix it that signal ignored, that seems odd and there must be some mitigating circumstances on why they haven’t merged it.
Otherwise that’s just inexcusable.
The PR had some issues regarding files that were pushed that shouldn’t have been, adding refactors that should have been in separate PRs, etc…
Though the main reason is that Signal doesn’t consider this issue a part of their threat model.