• poVoq@slrpnk.net
      link
      fedilink
      arrow-up
      49
      arrow-down
      14
      ·
      5 months ago

      If your system is compromised to such an extend, it really doesn’t make much difference how the keys are stored at rest.

      • phoneymouse@lemmy.world
        link
        fedilink
        arrow-up
        35
        arrow-down
        8
        ·
        edit-2
        5 months ago

        If the keys are accessible to any process, your system doesn’t need to be compromised. All it takes is an App that you”trust” to break that trust and snatch everything up. Meta has already been caught fucking around with other social media apps on device. They even intercepted Snapchat traffic on some users devices in order to collect that data. It could be as simple as you installed WhatsApp and they went and pillaged your Signal files.

        • NekuSoul@lemmy.nekusoul.de
          link
          fedilink
          arrow-up
          12
          arrow-down
          5
          ·
          5 months ago

          All it takes is an App that you”trust” to break that trust

          I get what you’re trying to say, but that’s something I’d classify as “compromised” as well.

          • phoneymouse@lemmy.world
            link
            fedilink
            arrow-up
            13
            arrow-down
            2
            ·
            edit-2
            5 months ago

            For sure, just suggesting that “compromised” doesn’t necessarily mean you got hacked by someone because they tricked you into giving a password, or they scraped it from another website, or you installed something sketchy. It could be as simple as Microsoft scans all your files with AI, or Meta snoops other social media (which it has been caught doing).

            • Zpiritual@lemm.ee
              link
              fedilink
              arrow-up
              3
              arrow-down
              4
              ·
              5 months ago

              So you’re saying that the os itself is compromised? Gee, good luck protecting your processes from the fucking os, no matter how you do it.