Linux and Tech News

2102 readers

1 users here now

This is where all the News about Linux and Linux adjacent things goes. We'll use some of the articles here for the show! You can watch or listen at:

You can also get involved at our forum here on Lemmy:

User Space Forum

Or just get the most recent episode of the show here:

The Show

founded 2 years ago

MODERATORS

leo@lemmy.linuxuserspace.show

Signal downplays encryption key flaw, fixes it after X drama (www.bleepingcomputer.com)

submitted 1 year ago by leo@lemmy.linuxuserspace.show to c/news@lemmy.linuxuserspace.show

6 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] suburban_hillbilly@lemmy.ml 9 points 1 year ago (1 children)

"The database key was never intended to be a secret. At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide," responded the Signal employee.

Tl:dr Signal is 'insecure' in the same way your mail is 'insecure' after you've opened it and it's sitting on your counter. What, you don't keep you mailed locked up inside you own house just in case someone breaks in?

[–] RvTV95XBeo@sh.itjust.works 7 points 1 year ago (1 children)

I actually manually hash every letter I receive using a rotating cypher kept in a secure vault. Always rough when the letters include images... Had to invest in a storage unit for the pixel-by-pixel encryption of last year's Christmas cards.

[–] radivojevic@discuss.online 2 points 1 year ago (1 children)

This is why I refuse to communicate sensitive information outside of telepathy. Know what I mean? 😵‍💫

[–] RvTV95XBeo@sh.itjust.works 2 points 1 year ago (1 children)

Yeah I do, but please stop sending me unsolicited dick 'paths. Just because they're secure doesn't mean they're wanted.

[–] radivojevic@discuss.online 2 points 1 year ago

Sorry, my aim is poor. They were meant for your mom.