Oddbean new post about | logout
brugeman | 1 years ago (raw) | root | parent | reply | flag +2 
 Spring is safe, your keys are stored on disk in encrypted form, apps cannot access them, the source code is open.
Newton | 1 years ago (raw) | root | parent | reply | flag +1 
 Thank you very much, @brugeman, for taking your precious time to reply. What you tell is assuring. How does it encrypt nsec on disk please? Encrypt with what?
brugeman | 1 years ago (raw) | root | parent | reply | flag +1 
 With keys generated inside the Android's internal keystore.   Android ensures only Spring can access those keys, decryption is performed inside the keystore.
Newton | 1 years ago (raw) | root | parent | reply | flag 
 That sounds great. Thank you.