1.1.0 - 💥 Security Improvements

@betapictoris betapictoris released this 21 Aug 21:06

💥 This is a breaking change: your preexisting graves will not open after updating. Consider copying a decrypted version before doing so and clearing the ~/.graveyard directory.

What happened?

As Lemmy user @[email protected] pointed out, the key should not have been stored as a SHA256 hash.

Why was this bad?

If an attacker had physical access to the device and could get the hashed keys, they could figure out which passphrases are reused, because the same passphrase always produces the same SHA256 hash.

How has it been fixed?

Keys are now stored within $XDG_DATA_HOME/graveyard/keys or ~/.graveyard/keys as salted Argon2 hashes.
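
The difference between the two storage schemes, as an added example that is not Graveyard's own code. scrypt from Python's standard library stands in for Argon2 here, and the grave names, passphrases and function names are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

def sha256_record(passphrase: str) -> str:
    """Old scheme described in the release note: a bare SHA256 of the passphrase."""
    return hashlib.sha256(passphrase.encode()).hexdigest()

def salted_record(passphrase: str, salt: bytes = b"") -> tuple:
    """New scheme in spirit: random per-record salt plus a memory-hard hash.
    Assumption: scrypt is used as a stdlib stand-in for Argon2."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(passphrase.encode(), salt=salt,
                            n=2**14, r=8, p=1, dklen=32)
    return salt, digest

def verify(passphrase: str, record: tuple) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, expected = record
    _, candidate = salted_record(passphrase, salt)
    return hmac.compare_digest(candidate, expected)

def reused_groups(records: dict) -> list:
    """Group grave names whose stored record is byte-for-byte identical."""
    by_value = defaultdict(list)
    for name, record in records.items():
        by_value[record].append(name)
    return sorted(sorted(names) for names in by_value.values() if len(names) > 1)

# Constructed sample: two graves share one passphrase.
PASSPHRASES = {"photos": "correct horse", "taxes": "correct horse",
               "notes": "a different one"}

def demo() -> tuple:
    old = {name: sha256_record(p) for name, p in PASSPHRASES.items()}
    new = {name: salted_record(p) for name, p in PASSPHRASES.items()}
    return reused_groups(old), reused_groups(new)

if __name__ == "__main__":
    old_groups, new_groups = demo()
    print("reuse visible in SHA256 records:", old_groups)
    print("reuse visible in salted records:", new_groups)
```
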