[Blink] Blink stores plain word passwords in its config file?

Dan Pascu dan at ag-projects.com
Wed Nov 24 10:01:51 CET 2010


On 24 Nov 2010, at 00:46, tbizzle wrote:

> Even a bit of encryption based on hardware is better than having the  
> password written plainly in the text file..

While that may be true for someone who doesn't have the knowledge or  
the motivation to retrieve the password, my point was that overall  
this only gives a false sense of security.

> You could potentially even utilize the OSX password keyring.
>
> As it stands I was requested to email my config file to you guys for  
> debugging but whoops it had my passwords written out plainly in it...

It wouldn't have made a difference if it was encrypted. Unless it uses  
something that requires your input in order to be decrypted, which is  
basically equivalent to not putting it in the config file but asking  
the user for it every time Blink starts, we could have decrypted it  
anyway, since we would know the method used to mangle it.

That's exactly what I wanted to highlight. If you had seen it  
in a mangled form in the config file, you would probably have sent us  
the config file without removing the password, thinking that you are  
safe because the password is encrypted somehow and we cannot know your  
password, but this would be false.

I wonder how many users would be fine with being asked for every  
account's password every time they start Blink. Be aware though, that  
even with this approach, the user is not safe from people that may spy  
on his system; it would only help when the system is lost/stolen, but  
there are better solutions for this already (like encrypting your  
filesystem which will protect your system overall, instead of having  
protection for each and every application's data individually).

The conclusion is that there is no magic solution that will  
automatically make it secure for anyone in any use case. The user  
needs to understand security and he needs to know exactly what can be  
used in what situation.

--
Dan
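
Added example, not part of the original message and not Blink's code: it contrasts a stored password mangled with a key the application already holds against one protected with a key derived from a passphrase the user types at startup. `APP_KEY`, the function names and the HMAC-counter keystream are assumptions made for illustration; the keystream is a stand-in for a real cipher, not a vetted construction.

```python
import hashlib
import hmac
import os
from typing import Optional

APP_KEY = b"constructed-key-shipped-in-app"  # hypothetical: identical in every install

def _stream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream (illustration only)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def mangle(password: str) -> str:
    """No user input involved: the config value only looks protected."""
    return _stream_xor(APP_KEY, password.encode()).hex()

def unmangle(stored: str) -> str:
    """Anyone who has the file and knows the method can run this."""
    return _stream_xor(APP_KEY, bytes.fromhex(stored)).decode()

def _keys(passphrase: str, salt: bytes):
    # Separate encryption and MAC keys derived from what the user types.
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000, dklen=64)
    return okm[:32], okm[32:]

def protect(password: str, passphrase: str) -> str:
    """Stores salt, tag and ciphertext; the passphrase is never written to disk."""
    salt = os.urandom(16)
    enc_key, mac_key = _keys(passphrase, salt)
    ct = _stream_xor(enc_key, password.encode())
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return (salt + tag + ct).hex()

def recover(stored: str, passphrase: str) -> Optional[str]:
    """Returns the password, or None if the passphrase is wrong or the value was altered."""
    raw = bytes.fromhex(stored)
    salt, tag, ct = raw[:16], raw[16:48], raw[48:]
    enc_key, mac_key = _keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _stream_xor(enc_key, ct).decode()
```

The second form only helps while the passphrase stays out of the file, which is the trade-off described above: the user has to supply it on every start.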
