technically it's eonwarped. if you don't like that, and you shouldn't, use keychain and don't share them. (nothing personal against eon, he's awesome, just, you should avoid keysharing whenever possible)
You are viewing a single comment's thread from:
That is why i asked.
So, our key goes to his server?
Active key, too, when we move tokens?
I can't use keychain until the app store allows android downloads.
It's a condenser clone, so keys should stay locally on your device.
Hmmm.
So, the need for vigilance will persist, though.
I wouldnt imagine that it takes many lines of code to extract keys.
Would github track a change to the code that made that change to the clone?
Or, would short term mods be invisible requiring constant review of the code?
Whatever tool you use and where you input your keys, you are extending your trust to the devs and their security. It can happen that someone hacks an app and adds malicious code that will extract your keys and it will be very hard to detect and block that.
Wonderful.
Just a matter of time and luck at not being caught up in a hack.
It's worked this far, i guess.