• communism@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    4 months ago

    Obviously there is the disk encryption passphrase at boot, adding another one for signal would in my case be redundant.

    I also have full disk encryption, but I still have some databases on my disk encrypted because I decrypt my disk when I boot my computer. But yeah if you have Signal open (& its db decrypted) all the time it would probably be minimal. I don’t have Signal open all the time though, only when I want to check messages or am actively using it

    I don’t think it does much on the typical desktop, be it windows or linux, where there are so many ways to escalate or persist privilege for anyone that has user-level access.

    The point would be encryption, even the root user wouldn’t be able to read encrypted data if they don’t have the passphrase

    • kbal@fedia.io
      link
      fedilink
      arrow-up
      4
      ·
      4 months ago

      If you have root, intercepting all the user’s keystrokes is trivial.