109
Signal under fire for storing encryption keys in plaintext (stackdiary.com)
submitted 4 months ago* (last edited 4 months ago) by Recant@beehaw.org to c/foss@beehaw.org
46 comments fedilink hide all child comments

As mentioned in the comments, plain text keys aren't bad because they are necessary. You have to have at least one plain text key in order to be able to use encryption

you are viewing a single comment's thread
view the rest of the comments
[-] hedgehog@ttrpg.network 1 points 4 months ago

It isn’t, because their business practices violate the four FOSS essential freedoms:

  1. The freedom to run the program for any purpose
  2. The freedom to study and modify the program
  3. The freedom to redistribute copies of the original or modified program
  4. The freedom to distribute modified versions of the program

Specifically, freedom 4 is violated, because you are not permitted to distribute a modified version of the program that connects to the Signal servers (even if all your modified version does is to remove Google Play Services or something similar).

[-] jet@hackertalks.com 4 points 4 months ago

Molly.im

The license does not prevent number four from happening, they just ask people not to do it

this post was submitted on 06 Jul 2024
109 points (100.0% liked)

Free and Open Source Software

17949 readers
96 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
Gaywallet@beehaw.org
alyaza@beehaw.org