[Blink] Blink stores plain word passwords in its config file?
tbizzle
t at eatbabies.com
Tue Nov 23 23:46:51 CET 2010
Even a bit of encryption based on hardware is better than having the
password written plainly in the text file.. You could potentially even
utilize the OSX password keyring.
As it stands I was requested to email my config file to you guys for
debugging but whoops it had my passwords written out plainly in it...
=\
..
On Tue, Nov 23, 2010 at 5:41 PM, Juha Heinanen <jh at tutpro.com> wrote:
> Dan Pascu writes:
>
> > The conclusion is that either you use a desktop system you own and
> > you're your own root user so you trust yourself implicitly, or you run
> > on a system owned by someone you trust. Otherwise there is no
> > protection against a root user that is willing and determined to read
> > your files or to know what you type on the keyboard.
>
> the conclusion is wrong. i can own my own system and it may get
> lost/stolen. if blink would ask password each time blink is started, it
> would not be possible for the new "owner" of the system to recover the
> password at least if the system was not booted or blink was not running,
> when the system disappeared.
>
> -- juha
> _______________________________________________
> Blink mailing list
> Blink at lists.ag-projects.com
> http://lists.ag-projects.com/mailman/listinfo/blink
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ag-projects.com/pipermail/blink/attachments/20101123/26009ff5/attachment.html>
More information about the Blink
mailing list