Semisol 👨💻 on Nostr: even if a keychain was somehow secure and restricted access to that program only, you ...
even if a keychain was somehow secure and restricted access to that program only, you are only a memory dump away from getting the key
and since it’s same user that can be done with no privileges
it should be viewed as a way to delegate encryption at rest of secrets to the OS, nothing else
but you really should just do FDE
Published at
2024-07-05 19:09:45Event JSON
{
"id": "7b5fe34a43a903b426c2980967289053f835fbd98ce05e01a10705cbc8f4a0c8",
"pubkey": "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
"created_at": 1720206585,
"kind": 1,
"tags": [
[
"e",
"8cba37dc6f1d727399885e439a39ad9bb8a787d97057fa42931215feac66cef4",
"",
"root"
],
[
"e",
"97fba371b56804685b19d94cc7cc714f3ffddbf550b4a638e34dd2f7bf8f0aa5",
"",
"reply"
],
[
"p",
"6e75f7972397ca3295e0f4ca0fbc6eb9cc79be85bafdd56bd378220ca8eee74e"
],
[
"p",
"4a0510f26880d40e432f4865cb5714d9d3c200ca6ebb16b418ae6c555f574967"
],
[
"p",
"32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245"
]
],
"content": "even if a keychain was somehow secure and restricted access to that program only, you are only a memory dump away from getting the key\nand since it’s same user that can be done with no privileges\n\nit should be viewed as a way to delegate encryption at rest of secrets to the OS, nothing else\nbut you really should just do FDE",
"sig": "b1f48d86a7a2b88b7c8d476c6e3a23452bdb93513e053ca89019f4bc5eec46598a2a6f844f120ce268da5f765b4501b347d2e8732c49a141a11e6acfe1124f38"
}
