• poVoq
      link
      fedilink
      346 months ago

      If your system is compromised to such an extend, it really doesn’t make much difference how the keys are stored at rest.

      • @phoneymouse
        link
        26
        edit-2
        6 months ago

        If the keys are accessible to any process, your system doesn’t need to be compromised. All it takes is an App that you”trust” to break that trust and snatch everything up. Meta has already been caught fucking around with other social media apps on device. They even intercepted Snapchat traffic on some users devices in order to collect that data. It could be as simple as you installed WhatsApp and they went and pillaged your Signal files.

        • NekuSoul
          link
          fedilink
          76 months ago

          All it takes is an App that you”trust” to break that trust

          I get what you’re trying to say, but that’s something I’d classify as “compromised” as well.

          • @phoneymouse
            link
            11
            edit-2
            6 months ago

            For sure, just suggesting that “compromised” doesn’t necessarily mean you got hacked by someone because they tricked you into giving a password, or they scraped it from another website, or you installed something sketchy. It could be as simple as Microsoft scans all your files with AI, or Meta snoops other social media (which it has been caught doing).

            • @[email protected]
              link
              fedilink
              -16 months ago

              So you’re saying that the os itself is compromised? Gee, good luck protecting your processes from the fucking os, no matter how you do it.