On Freitag, 4. April 2014 02:42:32 CEST, Michael Pyne wrote:
Of course if an attacker is running code they'd probably just find it easier to open the .kwl directly and read the folder and key names, since apparently those are stored unencrypted, if the API docs are to be believed.
Apparently is is changed with KSS and I frankly would have hoped that only hashes are stored for this test? Cheers, Thomas
