• poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    49
    arrow-down
    14
    ·
    5 months ago

    If your system is compromised to such an extend, it really doesn’t make much difference how the keys are stored at rest.

    • phoneymouse@lemmy.world
      link
      fedilink
      arrow-up
      35
      arrow-down
      8
      ·
      edit-2
      5 months ago

      If the keys are accessible to any process, your system doesn’t need to be compromised. All it takes is an App that you”trust” to break that trust and snatch everything up. Meta has already been caught fucking around with other social media apps on device. They even intercepted Snapchat traffic on some users devices in order to collect that data. It could be as simple as you installed WhatsApp and they went and pillaged your Signal files.

      • NekuSoul@lemmy.nekusoul.de
        link
        fedilink
        arrow-up
        12
        arrow-down
        5
        ·
        5 months ago

        All it takes is an App that you”trust” to break that trust

        I get what you’re trying to say, but that’s something I’d classify as “compromised” as well.

        • phoneymouse@lemmy.world
          link
          fedilink
          arrow-up
          13
          arrow-down
          2
          ·
          edit-2
          5 months ago

          For sure, just suggesting that “compromised” doesn’t necessarily mean you got hacked by someone because they tricked you into giving a password, or they scraped it from another website, or you installed something sketchy. It could be as simple as Microsoft scans all your files with AI, or Meta snoops other social media (which it has been caught doing).

          • Zpiritual@lemm.ee
            link
            fedilink
            arrow-up
            3
            arrow-down
            4
            ·
            5 months ago

            So you’re saying that the os itself is compromised? Gee, good luck protecting your processes from the fucking os, no matter how you do it.