Hacker News new | past | comments | ask | show | jobs | submit login

This is the nature of shipping client code. Any key they used can be extracted by a sufficiently determined individual. The real security issue was not storing the database in the app's private directory.



The real security issue is using the same symmetric key with every client.


Not really. No matter what or how many keys they used, someone who stole your device could root your phone and determine the key.

Unless they did something like require the user to enter a master passphrase every time they started the app, then there is no real way around this.


That's really just security through obscurity. You're still shipping code that explains the process of obtaining the key. If they store their credentials to obtain the key in a public directory, it's just as vulnerable.


Wrong. If a phone can only retrieve the key for it's own number (e.g. via SMS request), that's orders of magnitude better than the current case where one key can decrypt logs for any arbitrary number. Each SMS request could generate a new key, so even if another app on the same phone does it, it won't be able to get the key to read the logs.


This still relies on the legitimate app not storing the key they fetched in a public directory so the attacker can read it. You can keep adding layers upon this, but it doesn't change that.


>This still relies on the legitimate app not storing the key they fetched in a public directory so the attacker can read it.

Obviously. Why would they do anything else? The point is that they can safely store the logs on an SD card under space constraints.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: