| ▲ | zenoprax 7 hours ago | |
Signal creates the notification, does it not? That's like claiming `echo "my_private_data" | notify-send` is insecure. If piping encrypted content resulted in a plaintext notification then you'd have a right to be concerned. | ||
| ▲ | coldtea 5 hours ago | parent | next [-] | |
What prevents the phone from taking screenshots of you reading the messages in the app? The actual one end is the phone, not the app, period. | ||
| ▲ | 6thbit 3 hours ago | parent | prev [-] | |
Exactly yes, and that is insecure here because the app relayed the message beyond its layer and ownership. Thus not making the app the end of the communication. | ||