Signal Desktop Bug Completely Exposes Decryption Key

Signal Desktop Bug Completely Exposes Decryption Key

Software developer Nathaniel Suchy recently revealed a problem with Signal Desktop which exposes the key used to decrypt encrypted messages locally stored by the application.  

Suchy said that the messaging application automatically generates and stores the encryption key to a local file called %AppData%\Signal\config.json on PCs and on a Mac at ~/Library/Application Support/Signal/config.json. which can readily be opened by any user.

Signal has already been alerted by Bleeping Computer via Twitter, but has yet to issue a response on the matter.

Source: Bleeping Computer

Disini & Disini Law Office
info@privacy.com.ph