> I'm sad that a lot more people don't know that Signal for Desktop is much, much less secure against adversaries with your laptop
Educate us. What makes it less secure?
> I'm sad that a lot more people don't know that Signal for Desktop is much, much less secure against adversaries with your laptop
Educate us. What makes it less secure?
In addition to what the other person who replied said, ignoring that iOS/Android/iPadOS is far more secure than macOS, laptops have significantly less hardware-based protections than Pixel/Samsung/Apple mobile devices do. So really the only way a laptop in this situation would be truly secure from LEO is if its fully powered off when it’s seized.
ARM/M1 macOS took their hardware platform from iOS. TEE, signed/verified/readonly system files, etc. They are similar in security now.
[1] https://asahilinux.org/docs/platform/security/ [2] https://support.apple.com/guide/security/hardware-security-o... [3] https://eclecticlight.co/2022/01/04/booting-an-m1-mac-from-h...
The key in the desktop version is not always stored in the secure enclave, is my assumption (it definitely supports plaintext storage). Theoretically this makes it possible to extract the key for the message database. Also a different malicious program can read it. But this is moot anyway if the FBI can browse through the chats. This isn't what failed here.
Also last time I looked (less than 1 year ago) files sent over Signal are stored in plain, just with obfuscated filenames. So even without access to Signal it's easy to see what message attachments a person has received, and copy any interesting ones.