Open terev opened 4 years ago
https://github.com/natewong1313/bird-bot/blob/0a76dca2157c021c6cd5734928b1ffcf46a2b3b2/utils.py#L15
This key should really be a strong password chosen by the user and input every time the app is run to decrypt profile info. Preferably the user should be prompted for this key any time data is used.
This is an implementation of ransomware waiting to happen until you rely on the user to supply the encryption key
@yulayula16 what would look like an exploit?
https://github.com/natewong1313/bird-bot/blob/0a76dca2157c021c6cd5734928b1ffcf46a2b3b2/utils.py#L15
This key should really be a strong password chosen by the user and input every time the app is run to decrypt profile info. Preferably the user should be prompted for this key any time data is used.