@[email protected] to [email protected]English • 7 months agoDownsides of Signal alternatives compared to Signal?message-square84fedilinkarrow-up190arrow-down17file-text
arrow-up183arrow-down1message-squareDownsides of Signal alternatives compared to Signal?@[email protected] to [email protected]English • 7 months agomessage-square84fedilinkfile-text
I’m thinking of the things listed on the Privacy Guides real-time communication section https://www.privacyguides.org/en/real-time-communication/
minus-square@[email protected]linkfedilinkEnglish5•edit-27 months agoBrute forcing 4-6 digit pins is trivial. And even if the user set a actual password, it’s still very trivial https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
minus-square@[email protected]linkfedilink2•7 months ago“Very trivial” if they set a proper password? Yet the source you provide says it’s robustly secure
minus-square@[email protected]linkfedilinkEnglish0•7 months agoI can’t find the phrase robustly secure in the last link: https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/ Signal asks users to set a pin/password which needs to be periodically reentered. This discourages people from using high entropy passwords like BIP38.
Brute forcing 4-6 digit pins is trivial.
And even if the user set a actual password, it’s still very trivial
https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
“Very trivial” if they set a proper password? Yet the source you provide says it’s robustly secure
I can’t find the phrase robustly secure in the last link:
https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
Signal asks users to set a pin/password which needs to be periodically reentered. This discourages people from using high entropy passwords like BIP38.