• poVoq
        link
        fedilink
        346 months ago

        If your system is compromised to such an extend, it really doesn’t make much difference how the keys are stored at rest.

        • @phoneymouse
          link
          26
          edit-2
          6 months ago

          If the keys are accessible to any process, your system doesn’t need to be compromised. All it takes is an App that you”trust” to break that trust and snatch everything up. Meta has already been caught fucking around with other social media apps on device. They even intercepted Snapchat traffic on some users devices in order to collect that data. It could be as simple as you installed WhatsApp and they went and pillaged your Signal files.

          • NekuSoul
            link
            fedilink
            76 months ago

            All it takes is an App that you”trust” to break that trust

            I get what you’re trying to say, but that’s something I’d classify as “compromised” as well.

            • @phoneymouse
              link
              11
              edit-2
              6 months ago

              For sure, just suggesting that “compromised” doesn’t necessarily mean you got hacked by someone because they tricked you into giving a password, or they scraped it from another website, or you installed something sketchy. It could be as simple as Microsoft scans all your files with AI, or Meta snoops other social media (which it has been caught doing).

              • @[email protected]
                link
                fedilink
                -16 months ago

                So you’re saying that the os itself is compromised? Gee, good luck protecting your processes from the fucking os, no matter how you do it.