I have a hard time understanding the benefits of the keyring (e.g. GNOME keyring). I get the convenience parts - I don’t have to enter password for something every time I want to use it (e.g. mounted encrypted drive) and I don’t have to create a secret for some background stuff (applications keys). But the problem is, if I understand it correctly, that every application has the same access to my keyring, so, in theory, a malicious application can just read my Signal key and they can just read all my Signal messages right? Is there a point, then, in encrypting e.g. local database (like Signal) if the key to that database is readily available anyway? Any input is welcome. thanks!

  • dieTasse@feddit.orgOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 hours ago

    How is this related to the keyring security issues? (Don’t get me wrong, it’s interesting news, and I already saw it in the Privacy sublemmy)

    • historicaldocuments@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      38 minutes ago

      Ah, sorry.

      D-Bus has a similar mechanism to the one that got this hacker arrested. I guess I was expanding upon the previous conversation about how much stuff is considered inside the inner security circle for d-bus.