My understanding is if you are using a desktop version of Signal, the data at rest may be encrypted in a sqlite database (it used to be, but no longer is?). The key, however, is stored next to it in the plaintext ~/.config/Signal/config.json.
So it wouldn't take any work at all to read the data...
Apparently, this is by design. The devs assert that the data and access should be protected by other means (full disk encryption, etc.).
There have been many calls to password protect the application, but they have been rejected.
The complaint, obviously, does not explain how FBI investigators had access to these communications.
So in this case with the seditionists, if the FBI have access to any of their desktops which they used for communication using Signal, they have all of those conversations "for free".
If you go to their page to delete your account it says that they may require a government issue photo ID.
They do require it. They have removed all other ways to communicate with them. You can't even login and submit a support ticket without it. The callback and live chat options are disabled.
I don't know how an ID is going to help verify anything since they don't have full names and email addresses for these accounts (in all cases).
This appears to be a way to try to stop the bleeding for their shareholders' benefit.
It's not necessarily all encrypted
My understanding is if you are using a desktop version of Signal, the data at rest may be encrypted in a sqlite database (it used to be, but no longer is?). The key, however, is stored next to it in the plaintext
~/.config/Signal/config.json
.So it wouldn't take any work at all to read the data...
Apparently, this is by design. The devs assert that the data and access should be protected by other means (full disk encryption, etc.).
There have been many calls to password protect the application, but they have been rejected.
So in this case with the seditionists, if the FBI have access to any of their desktops which they used for communication using Signal, they have all of those conversations "for free".
/div>(untitled comment)
There's an analysis of Blizzard's statement at Rock Paper Shotgun that points out some of the inconsistencies and issues with it.
It's very much a non-retraction.
/div>Re: Re: Re: "asmaloney" ZOMBIE SEVEN YEAR GAP!
Thanks Paul!
Actually I don't usually read comments on articles either (here or anywhere really) :-)
This person is a great example of why - and I got it on my first try!
There's too much garbage to sort through & I have better things to do - like reading a book, going for a walk, or having coffee with a friend.
Happy Thanksgiving from Canada!
/div>Re: "asmaloney" ZOMBIE SEVEN YEAR GAP!
laughing
Are you talking about my account?
I've been a reader here for a very long time, I just don't comment (here or anywhere really).
This issue pissed me off, so I decided to mention it.
No conspiracy here.
/div>Re: Re: Blizzard also making it difficult to delete accounts
There's nothing to verify against other than the fact that I control the email address. They have no information about me.
So an ID is not going to help.
/div>Blizzard also making it difficult to delete accounts
If you go to their page to delete your account it says that they may require a government issue photo ID.
They do require it. They have removed all other ways to communicate with them. You can't even login and submit a support ticket without it. The callback and live chat options are disabled.
I don't know how an ID is going to help verify anything since they don't have full names and email addresses for these accounts (in all cases).
This appears to be a way to try to stop the bleeding for their shareholders' benefit.
/div>Re: Get over it.
ABC renames SOPA
SOPA == Stop Online Privacy Act
A better name, no?/div>
Techdirt has not posted any stories submitted by asmaloney.
Submit a story now.
Tools & Services
TwitterFacebook
RSS
Podcast
Research & Reports
Company
About UsAdvertising Policies
Privacy
Contact
Help & FeedbackMedia Kit
Sponsor/Advertise
Submit a Story
More
Copia InstituteInsider Shop
Support Techdirt