[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KWallet integration
From:       Jörg Walter <jwalt-kde () garni ! ch>
Date:       2003-09-04 12:17:38
[Download RAW message or body]

Am Thursday, 04. September 2003 13:16, schrieb Martijn Klingens:

> Why not? If you distrust an application you can just as well distrust the
> entire system, since an untrusted application can just as well install a
> key logger and pass a separate 'credit card password' to whoever is
> interested.
>
> So either you trust the application and you can just as well put everything
> in the same wallet, or you don't, but then you should not even USE the
> application in the first place, with wallet or not.

You forget the probability of unintentional application misbehaviour, i.e. 
bugs. I wouldn't want any app be able to transmit my credit card information 
to somewhere just because the app selected the wrong entry due to an 
off-by-one error or whatever. If KWallet entries would include a flag telling 
which app may use that entry (perhaps just the creating app), then such 
errors (including simple automated exploitation attempts and some attack 
scenarios relying on social engineering) would be blocked. Installing a 
keylogger is much harder for an attacker than making some app misbehave 
through invalid input.

-- 
CU
   Joerg

[prev in list] [next in list] [prev in thread] [next in thread]