You guys are complicating this too much.
This might be a very common attack vector for good desktop wallets.
But gaining access to funds stored in Jaxx is way easier.
It is literally just one command to extract the mnemonic.
It is stored in a SQLite database (Windows: C:\Users\USERNAME\AppData\Roaming\Jaxx\Local Storage).
It can be extracted with:
Even though the mnemonic is encrypted with AES.. this is quite useless because EVERY mnemonic on EVERY computer is encrypted the same way (same key, same IV)...
Which makes it senseless to encrypt it if every person knows how to decrypt every other person's mnemonic.
For the sake of completeness:
IV = "mHGFxENnZLbienLyALoi.e"
So.. you basically just need less than 60 seconds access to the computer to gain access to the mnemonic.
Doesn't matter if you can simply use that computer while the person owning that wallet is away, or via some malware.
You don't need any administrative privileges. Just standard user privileges the wallet is running with.
But hey.. Jaxx claims this is not a problem at all.
Because.. with a desktop wallet your funds are always as secured as your computer is... makes sense, doesn't it?
I mean.. if I let someone use my computer for less than a minute without internet access and without giving him the ability to insert a USB or similar.. my funds would be at risk with every wallet, right? RIGHT?
(Of course not!)
Jaxx is a joke.
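
An added example (not part of the original post, and not Jaxx's code) contrasting the fixed key/IV scheme described above with a key derived from a user password using a random salt and nonce. It assumes Node.js `crypto`; every function name, the static constants and the sample phrase are constructed for illustration.

```javascript
const crypto = require('crypto');

// Constructed constants standing in for a key/IV shipped inside an application.
// They are NOT the values from any real wallet.
const STATIC_KEY = Buffer.alloc(32, 0x11);
const STATIC_IV = Buffer.alloc(16, 0x22);

// Weak pattern from the post: every install uses the same key and IV.
function encryptStatic(mnemonic) {
  const c = crypto.createCipheriv('aes-256-cbc', STATIC_KEY, STATIC_IV);
  return Buffer.concat([c.update(mnemonic, 'utf8'), c.final()]).toString('hex');
}

// Hardened pattern: key derived from a user password with a per-record random
// salt (scrypt), a fresh random nonce, and AES-256-GCM so tampering is detected.
function encryptWithPassword(mnemonic, password) {
  const salt = crypto.randomBytes(16);
  const nonce = crypto.randomBytes(12);
  const key = crypto.scryptSync(password, salt, 32);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const ct = Buffer.concat([c.update(mnemonic, 'utf8'), c.final()]);
  return { salt: salt.toString('hex'), nonce: nonce.toString('hex'),
           tag: c.getAuthTag().toString('hex'), ct: ct.toString('hex') };
}

function decryptWithPassword(rec, password) {
  const key = crypto.scryptSync(password, Buffer.from(rec.salt, 'hex'), 32);
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(rec.nonce, 'hex'));
  d.setAuthTag(Buffer.from(rec.tag, 'hex'));
  // final() throws if the password (and therefore the derived key) is wrong.
  return Buffer.concat([d.update(Buffer.from(rec.ct, 'hex')), d.final()]).toString('utf8');
}

// Constructed sample phrase, not a real wallet.
const SAMPLE = 'alpha bravo charlie delta echo foxtrot golf hotel india juliet kilo lima';

function demo() {
  const a = encryptWithPassword(SAMPLE, 'correct horse');
  const b = encryptWithPassword(SAMPLE, 'correct horse');
  let wrongPasswordRejected = false;
  try { decryptWithPassword(a, 'guess'); } catch (e) { wrongPasswordRejected = true; }
  return {
    staticIdenticalAcrossInstalls: encryptStatic(SAMPLE) === encryptStatic(SAMPLE),
    passwordRecordsDiffer: a.ct !== b.ct && a.salt !== b.salt,
    roundTrip: decryptWithPassword(a, 'correct horse') === SAMPLE,
    wrongPasswordRejected,
  };
}
console.log(demo());
```

With the static scheme, a copy of the stored ciphertext is equivalent to the plaintext for anyone who has the application; with the password-derived scheme, a copied record still requires the user's password.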