[Blink] Blink stores plain word passwords in its config file?

Adrian Georgescu ag at ag-projects.com
Wed Nov 24 16:23:44 CET 2010


Helo Juha,

Security goes beyond the storage of your account password.

How about your call recordings, chat messages, file transfers and history with whom you had conversations? Are they less important than your password? They would not fit in the key-chain, would they? This data is more important than the password and is stored on your disk for anyone to access once you laptop is stolen, isn't it?

Losing my password is the last worry I have, what can the damage be for losing my password? 20 dollars for accessing the PSTN?

Seriously, when it has to do my personal communications, I have much more to lose when my laptop gets stolen, namely the data that has more value than the password. The password I can change but if my personal data ends up in other's hands is  expensive to cope with the consequences.

Investing in protecting a password with a convoluted scheme even as widely used as keychain where people check the box to remember everything anyway as they get annoyed by the same question over and over again, adds little value for an open source program that can print the password with only one line of code once extracted from the keychain.

Encrypting your home directory is the only things that can protect all your data, not just the password.

Regards,
Adrian


On Nov 24, 2010, at 11:04 AM, Juha Heinanen wrote:

> Dan Pascu writes:
> 
>> I wonder how many users would be fine with being asked for every  
>> account's password every time they start blink.
> 
> i use twinkle for real call and it asks password each time it is
> started.  i have never had any problem with that.
> 
> -- juha
> _______________________________________________
> Blink mailing list
> Blink at lists.ag-projects.com
> http://lists.ag-projects.com/mailman/listinfo/blink
> 




More information about the Blink mailing list