After Criticism, Signal Agrees to Secure Plain-Text Encryption Keys for Users' Message Databases

"Signal is finally tightening its desktop client's security," reports BleepingComputer — by changing the way it stores plain text encryption keys for the SQLite database where users' messages are stored:
When BleepingComputer contacted Signal about the flaw in 2018, we never received a response. Instead, a Signal Support Manager responded to a user's concerns in the Signal forum, stating that the security of its database was never something it claimed to provide. "The database key was neve