On Jan 18, 2:27 pm, Dossy Shiobara <do...@panoptic.com> wrote:
> Hint: If the data is in RAM at any point in time, your entry-level
> hacker kiddie can recover the keys in cleartext.

Ayup :-(

> Storing your key on a remote server and fetching it doesn't protect it
> either.  As long as that key is brought to a machine that an attacker
> has full control over, it might as well be stored with the app in plaintext.

Reply via email to