In https://discussions.agilebits.com/discussion/comment/494637/#Comment_494637 it appeared to be established with @brenty that the combination of a crash, memory dump, and telemetry could export master password, secret key, and vault contents in plain text in the absence of malware.
In view of that, it was puzzling to see paragraph 2 in the official AgileBits statement on the issue at https://support.1password.com/kb/201902a/
The most important thing to know is that the issue described in the report is only a threat to a computer that is already compromised. If your computer is not compromised, you aren’t affected by the issue.
Were we incorrect in our joint understanding that a crash and memory dump could expose secrets in the absence of malware? Or did the official statement inadvertently assert something that isn't quite right?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided