So it turns out Electron (the tech that Signal Desktop is built on) has a safeStorage API that does exactly what I said. It uses the OS's cryptography systems to store the keys to the DB. Someone actually sent a PR implementing this, but it seems to have been ignored. https://github.com/signalapp/Signal-Desktop/pull/6849
Following up on this: yes, macOS is generally the most secure option here. Windows' keys use DPAPI, which protects keys from other users but not from other apps, no different to Linux and what Signal does here. macOS uses Keychain, which will stop apps from accessing other apps' keychain items even when running as the same user. Generally, Apple platform security is much higher than competitors' and has a much higher chance of fending off an attack than most systems.