Recovered and unencrypted image on WindowsImage: John J Hacking Typically, the folder remains alive on the local storage until the image uploading action lasts. This means the images were still retrievable in cleartext format.Īccording to a blog post published by researchers, the bug also prevents the “uploadtemps” folder from getting immediately wiped, as it usually happens. However, despite showing them as deleted, the pictures were neither removed on the local cache nor from the “uploadtemps” directories due to the bug. In the Keybase app, under normal circumstances, after deleting a picture or enabling the explode feature, which activates time-based deletion of images, the pictures are expected to be wiped from the app’s cache. It impacts the app’s cleartext image storing cache and is found in all desktop versions of the app across all platforms, including Windows, Mac, and Linux. Bug Affects Keybase App’s Picture Storing MechanismĪccording to Jackson and his team, the bug carries the identifier CVE-2021-23827. However, Jackson reported in the company’s latest report that the bug could compromise Keybase users’ privacy. This feature-rich app offers comprehensive privacy and security. The app is regarded as one of the best for encrypted communication. John Jackson and researchers at Sakura Samurai including Aubrey Cottle, Jackson Henry, and Robert Willis have identified a critical vulnerability in the Keybase app that puts the privacy of Windows, macOS, and Linux users at risk. Keybase is owned by Zoom and currently has almost half a million privacy-focused users.
0 kommentar(er)
