[Blink] Blink stores plain word passwords in its config file?
Dan Pascu
dan at ag-projects.com
Tue Nov 23 22:54:18 CET 2010
On 23 Nov 2010, at 16:30, tbizzle wrote:
> That's not very secure . . .
We do not want to give anyone a false sense of security or claim that
we store the password securely, when in fact there is no foolproof way
to store the password in a file with an open source program.
The config file is readable only by you, so no other user can read it
unless they have root access. If you're worried about the root user
reading your personal files on a desktop computer, then you're right.
The root user could do that. But how many people don't own their
desktop computers? In order to prevent it in such a case we would have
to store it encrypted somehow. But then again, what stops the root
user from simply adding a statement that logs your password to a file
in the Blink code, right after where Blink reads its configuration and
decrypts the password? The root user doesn't even have to know what
encryption method is used. It wouldn't even matter if you never stored
the password in a file at all but asked for it every time you make a
call. He will simply benefit from the decryption which is already done
by Blink itself, and the password can still be printed/saved to a file
right after it is obtained from the configuration or from the user.
This doesn't even require any effort from the root user, as Python
offers you full access to the source code, and even if the program were
written in C, it would only be a minor nuisance, as the root user would
only need to recompile the program before he can spy on your password.
The conclusion is that either you use a desktop system you own and
you're your own root user so you trust yourself implicitly, or you run
on a system owned by someone you trust. Otherwise there is no
protection against a root user that is willing and determined to read
your files or to know what you type on the keyboard.
--
Dan
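The protection Dan relies on is that the config file is readable only by its owner. Below is an added example (not part of this thread or of Blink's code) that creates such a file with owner-only permissions from the start and audits an existing one for the usual ways that property breaks; it assumes a POSIX system and the constructed file name `config.ini` in a temporary directory.

```python
import os
import stat
import tempfile


def audit_secret_file(path: str) -> list[str]:
    """Return findings for a file holding a secret (e.g. a SIP password).
    An empty list means only the owner (and root) can read it."""
    findings = []
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    # Any group/other bit exposes the file to users other than the owner.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"{path}: mode {oct(mode)} grants group/other access; expected 0o600")
    # If someone else owns it, "readable only by you" does not hold.
    if st.st_uid != os.getuid():
        findings.append(f"{path}: owned by uid {st.st_uid}, not the current user")
    # A world-writable parent without the sticky bit lets others replace the file
    # even when the file itself is 0600.
    parent = os.path.dirname(os.path.abspath(path))
    pmode = stat.S_IMODE(os.stat(parent).st_mode)
    if (pmode & stat.S_IWOTH) and not (pmode & stat.S_ISVTX):
        findings.append(f"{parent}: world-writable without sticky bit")
    return findings


def write_secret_file(path: str, contents: str) -> None:
    """Create the file 0600 atomically, so no umask-dependent window exists
    in which another user could read it before chmod."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(contents)
    os.chmod(path, 0o600)  # tighten a pre-existing file with a looser mode


def demo() -> tuple[list[str], list[str]]:
    """Write a constructed config, audit it, then loosen it and audit again."""
    d = tempfile.mkdtemp()  # created 0700 by tempfile
    path = os.path.join(d, "config.ini")
    write_secret_file(path, "[Account]\npassword = constructed-example\n")
    clean = audit_secret_file(path)
    os.chmod(path, 0o644)  # what a default umask of 022 would have produced
    loose = audit_secret_file(path)
    return clean, loose


if __name__ == "__main__":
    before, after = demo()
    print("0600:", before or "no findings")
    print("0644:", after)
```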