@AprilF00lz@lemmy.ml to Privacy@lemmy.mlEnglish • 7 months agoDownsides of Signal alternatives compared to Signal?message-square87fedilinkarrow-up193arrow-down15file-text
arrow-up188arrow-down1message-squareDownsides of Signal alternatives compared to Signal?@AprilF00lz@lemmy.ml to Privacy@lemmy.mlEnglish • 7 months agomessage-square87fedilinkfile-text
I’m thinking of the things listed on the Privacy Guides real-time communication section https://www.privacyguides.org/en/real-time-communication/
minus-square@jet@hackertalks.comlinkfedilinkEnglish4•edit-27 months agoBrute forcing 4-6 digit pins is trivial. And even if the user set a actual password, it’s still very trivial https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
minus-square@ryannathans@aussie.zonelinkfedilink2•7 months ago“Very trivial” if they set a proper password? Yet the source you provide says it’s robustly secure
minus-square@jet@hackertalks.comlinkfedilinkEnglish0•7 months agoI can’t find the phrase robustly secure in the last link: https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/ Signal asks users to set a pin/password which needs to be periodically reentered. This discourages people from using high entropy passwords like BIP38.
Brute forcing 4-6 digit pins is trivial.
And even if the user set a actual password, it’s still very trivial
https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
“Very trivial” if they set a proper password? Yet the source you provide says it’s robustly secure
I can’t find the phrase robustly secure in the last link:
https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
Signal asks users to set a pin/password which needs to be periodically reentered. This discourages people from using high entropy passwords like BIP38.