On Friday, April 04, 2014 10:08:36 PM Thomas Lübking wrote: > On Freitag, 4. April 2014 02:42:32 CEST, Michael Pyne wrote: > > Of course if an attacker is running code they'd probably just > > find it easier > > to open the .kwl directly and read the folder and key names, > > since apparently > > those are stored unencrypted, if the API docs are to be believed. > > Apparently is is changed with KSS and I frankly would have hoped that only > hashes are stored for this test?
Only hashes are stored for this test - see my answer next to this message. > > Cheers, > Thomas -- Valentin Rusu irc: valir
signature.asc
Description: This is a digitally signed message part.
