[Blink] Blink stores plain word passwords in its config file?

Klaus Darilion klaus.mailinglists at pernau.at
Thu Nov 25 09:38:15 CET 2010



Am 24.11.2010 16:23, schrieb Adrian Georgescu:
> Helo Juha,
>
> Security goes beyond the storage of your account password.
>
> How about your call recordings, chat messages, file transfers and
> history with whom you had conversations? Are they less important than
> your password? They would not fit in the key-chain, would they? This
> data is more important than the password and is stored on your disk
> for anyone to access once you laptop is stolen, isn't it?

It depends on how valuable your conversation is - I think in my cases 
the password is more important :-)

> Losing my password is the last worry I have, what can the damage be
> for losing my password? 20 dollars for accessing the PSTN?

If you have pre-paid. If not you can get a quiet high telephone-bill (no 
provider has bullet-proof fraud detection systems)

> Seriously, when it has to do my personal communications, I have much
> more to lose when my laptop gets stolen, namely the data that has
> more value than the password. The password I can change but if my
> personal data ends up in other's hands is  expensive to cope with the
> consequences.

True. But the good thing is that usually you notice if someone steals 
your laptop. If someone steals your password you do not notice.

> Investing in protecting a password with a convoluted scheme even as
> widely used as keychain where people check the box to remember
> everything anyway as they get annoyed by the same question over and
> over again, adds little value for an open source program that can
> print the password with only one line of code once extracted from the
> keychain.
>
> Encrypting your home directory is the only things that can protect
> all your data, not just the password.

I wonder if there is a way to prevent that blink gets modified?

regards
klaus



More information about the Blink mailing list