Gregory's ServerThanks for your reaction.
If I'm not mistaken, it's not "full access" that is required though (i.e., no root password is necessary to access the sqlite database and the password).
Leaving such a sensitive information accessible to *any* process is sloppy.
|
2 comments
 @MaybeMyMonkeys @lienrag @Mer__edith it literally doesn't matter. At the point that something is actively detecting that signal is installed and trying to get data in the machine it can do anything. Screenshots, keylogger, access files, intercept the network, etc. It's basically not possible to have Signal app installed and running in windows in a way that doesn't allow malicious things running from getting wtv it wants. The whole thing is blown out of proportion. Don't use it on windows. |
@lienrag @Mer__edith if a machine is compromised, all you need to do is screen captures at short intervals to get a lot of useful information. Not passwords required.