@wrw @mttaggart @TindrasGrove tbh I was pissed off when I couldn't use titanium backup for signal on android any more...
Conversation
Notices
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Saturday, 06-Jul-2024 23:46:34 JST 
Ryan Castellucci :nonbinary_flag:
-
Embed this notice
wrw (wrw@infosec.exchange)'s status on Sunday, 07-Jul-2024 00:04:56 JST 
wrw
@ryanc @mttaggart @TindrasGrove
There's inherently a conflict between being able to uniquely identify devices and being able to perfectly (clone) back them up. I understand why Signal made the trade-off they did on mobile, but I also miss being able to back everything up on my phone perfectly.
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 07-Jul-2024 05:18:03 JST
Ryan Castellucci :nonbinary_flag:
@alxlg @wrw @mttaggart @TindrasGrove The level of security provided by those secret services is a fig leaf at best - if they're not unlocked when a compromise happens they soon will be.
I simply store all my passwords in a text file called ~/research/malware/unknown_dropper_23.exe which I've added a PE header to.
(not really, but this would probably provide better protection than many security tools against anything short of a full forensic investigation...)
-
Embed this notice
Alex L 🕊 🇵🇸 (alxlg@mastodon.social)'s status on Sunday, 07-Jul-2024 05:18:04 JST 
Alex L 🕊 🇵🇸
@wrw @ryanc @mttaggart @TindrasGrove
I don't know other platforms but on Linux I have no issue if the application uses Secret Service API or KDE Kwallet or GNOME Keyring.
This plus encrypting the disk and you are fine until there is a security flaw in the software involved.
You can clone your disk and an attacker could too, but you can unlock it, the attacker not.
-
Embed this notice
All GNU social JP content and data are available under the