[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KWallet integration
From:       Rob Kaper <cap () capsi ! com>
Date:       2003-09-04 10:52:37
[Download RAW message or body]


On Thu, Sep 04, 2003 at 12:11:13PM +0200, Martijn Klingens wrote:
> If root doesn't have the key it is always capable to retrieve it in a system 
> that's in use. Encryption only helps against systems that are not and cannot 
> be trojaned.

True, but that's no argument not to encrypt, or not to secure.

Applications like Atlantik, Konqueror and Kopete are trusted only because we
*know* what security procedures are in place and judge them to be
sufficient. If the KWallet API would allow for creditcard data to be given
to any of these applications just because I unlocked my IM passwords, then I
would not consider KWallet trusted for the purpose of storing sensitive data
such as creditcards.

If however it would require keyboard sniffing or binary modifications on my
system to get that data, my assessment of the security offered will be quite
different.

I think it's important that we decide whether KWallet in 3.2 will just be a
convenient way to store passwords, or whether it includes a security model.
I don't care either way, but I do want to know what exactly it will offer so
I can make a proper decision what to use it for and know what to tell others
about it.

Rob
-- 
Rob Kaper     | "They that can give up essential liberty to obtain a little
cap@capsi.com | temporary safety deserve neither liberty nor safety."
www.capsi.com | - Benjamin Franklin, Historical Review of Pennsylvania, 1759

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]