Conversation
Notices
-
Embed this notice
@chris It has improved! The sqlite database is still encrypted the same way but now the value in the JSON key file is encrypted with a password stored in the Keychain. Malware should not be able to read it now.
When I checked it was still storing attachments unencrypted but I tested by using the saved / notes / send message to self feature so perhaps somehow that's a different codepath and they skipped it, but there was a huge commit in their repo that showed they would be encrypting attachments