[Blink] Blink stores plain word passwords in its config file?
dan at ag-projects.com
Wed Nov 24 10:01:51 CET 2010
On 24 Nov 2010, at 00:46, tbizzle wrote:
> Even a bit of encryption based on hardware is better than having the
> password written plainly in the text file..
While that may be true for someone who doesn't have the knowledge or
the motivation to retrieve the password, my point was that overall
this only gives a false sense of security.
> You could potentially even utilize the OSX password keyring.
> As it stands I was requested to email my config file to you guys for
> debugging but whoops it had my passwords written out plainly in it...
It wouldn't have made a difference if it was encrypted. Unless it uses
something that requires your input in order to be decrypted, which is
basically equivalent to not putting it in the config file but asking
the user for it every time blink starts, we could have decrypted it
anyway, since we would know the method used to mangle it.
That's exactly what I wanted to highlight. If you would have seen it
in a mangled form in the config file, you would have probably sent us
the config file without removing the password, thinking that you are
safe because the password is encrypted somehow and we cannot know your
password, but this would be false.
I wonder how many users would be fine with being asked for every
account's password every time they start blink. Be aware though, that
even with this approach, the user is not safe from people that may spy
on his system, it would only help when the system is lost/stolen, but
there are better solutions for this already (like encrypting your
filesystem which will protect your system overall, instead of having
protection for each and every application's data individually).
The conclusion is that there is no magic solution that will
automatically make it secure for anyone in any use case. The user
needs to understand security and he needs to know exactly what can be
used in what situation.
More information about the Blink