Mastodon Feed
Reblogged by nadim@infosec.exchange ("Nadim Kobeissi"):
Hi Meredith, let me address your points:
- The issue we highlighted does not require “full” access to the device. Signal desktop stores the chat database in an unprotected area of the file system that’s accessible by any user process. This would allow any program without any special permissions or user prompts to access the database in full. This can be solved by sandboxing, which relies on the OS to prevent any process from accessing data within the sandbox.
… 🧵 1/4