480
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 06 Jul 2024
480 points (94.3% liked)
Privacy
31387 readers
704 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS
It's not a bad feature to ensure that eg if there's a malicious process running on your computer it can't send all your signal data to whomever
Needing to enter a secure passphrase each time you want to use signal in exchange for one more fragile layer of defence for that one part of your data in a scenario that would normally mean you've already lost unless you're running a super-secure compartmentalized operating system like qubes or something is probably not worth it for most people.
I already enter a passphrase every time I want to use Signal; I use the Molly client on my phone. It's really not a big deal. I also enter a passphrase every time I launch my password manager, every time I launch my two-factor authentication app on my phone, and every time I open my email client. I think it's fairly standard to protect sensitive data on your computer with encryption at rest and to decrypt it upon launching the application that handles the data.
This has nothing to do with the mobile app, which also has password/biometric unlocking, it's about the desktop electron app.
I know. I never said it was about the mobile app?
You did but it says "desktop" right in the page title.
I'm now genuinely not sure what you're saying. I did what? I said it was about the mobile app? I didn't say it was about the mobile app?
If I'm not mistaken you were talking about how things work "on my phone" but I suppose you had in mind that the principle would apply to desktop as well.
In practice it does somewhat come down to how well containerized and locked-down the environment is, so I think the difference does matter. Android for instance sucks in very many ways, but it's somewhat reliable in usually keeping apps from interfering with each other. There are a few desktops that try to do that, but they're still not too popular I think. Desktop users are used to having full control of everything. Seems to me the pervasive compartmentalization of everything (it wouldn't be sufficient for the purposes we're talking about to put only Signal in a secure container) is accepted as necessary on mobile devices mostly because so many of the apps are terrible.
Yes, I was using it as a comparator as an example as to why it's not a big deal to type a password every time you open an app, which I don't think is any different between mobile and desktop.