mleku's avatar
mleku _@mleku.online 2 years ago
i'm not a diversification cuckoo, i am a hawk, i keep my eggs in one nest and i watch it real close, and put it where it's hard to get at. one of the rules of signals intelligence is you don't send out a message unless you want to risk it being decoded. bitwarden breaks that rule. even brave sync breaks it on the metadata side. if my devices were ONLY locating each other and not sharing any other information that would be ok for me, but then how is that any different from me managing my own backups and using the fattest pipe I can - 10gbit USB-C cable.
↑ Parent

Replies (1)

mleku's avatar
mleku _@mleku.online 2 years ago
i'm not so stupid as to think that AES-256, which isn't even a protocol actually, it's a collection of them, and the difference that matters, can be broken. it's always side channels and handshakes and this sort of thing. i don't know how my brave sync got breached but a device appeared on the list that i definitely did not put there. so i presume it was the browser itself was penetrated, and specifically the access to the memory where that key is stored. i think you are way too trusting, and let's just leave it at that. anyone who pins their security on a web browser is on the road to trouble.