From kde-devel Wed Nov 12 22:43:56 2003 From: Oswald Buddenhagen Date: Wed, 12 Nov 2003 22:43:56 +0000 To: kde-devel Subject: Re: IBM Applies for Password Manager Patent X-MARC-Message: https://marc.info/?l=kde-devel&m=106867713905891 On Wed, Nov 12, 2003 at 04:47:09PM -0500, George Staikos wrote: > On Wednesday 12 November 2003 16:32, Aaron Seigo wrote: > > On Wednesday 12 November 2003 13:54, George Staikos wrote: > > > > I am the only person who uses this computer (or > > > > even has access to it) so I'm not THAT worried about security. > > > > > > You may not be, > > > but you should be, > > > > he just stated why he doesn't need to be. we may think otherwise, but user > > trumps all. period. > > You might be surprised to know who's been 0wned lately. If KWallet used > the login password, all this person's passwords would be compromised too. > that's nonsense. if the account gets 0wned, the security is gone either way. let's consider the possible scenarios: - the wallet is already open -> got it - the wallet is closed, the attacker does not have the password (he broke in a different way, like a busted network client), but will have access to the box later -> install keylogger -> got it - the wallet is closed, the attacker doesn't have the passwd and won't have later access to the box (or the user won't ...) -> can't get it either way - the attacker has the password (dictionary attack). well ... it's the same as allowing direct root logins: you lose one layer of password protection (login vs. login + su). but see it that way: if the password is weak, the second won't be any better, as this is prolly a user that cannot be helped anyway. if the password is good, chances are much better that the account/box is 0wned a different way than by gussing the password, and then we're at the second scenario anyway ... - what did i miss? the whole thing boils down to any security being bound to the integrity of the account. therefore it does not make (much) difference if you leave out additional layers that depend on it anyway. that's the main reason why i don't actively use gpg: i cannot trust my machine being safe from an "interested person". if you depend on security, use an encryption device that is mathematically proven to not leak authentication data to, and to not accept code from the machine. of course there are various tools that improve the security of the machine (particularily interesting for desktop users is xtrace, btw), but none of them gives any _warranty_. greetings -- Hi! I'm a .signature virus! Copy me into your ~/.signature, please! -- Chaos, panic, and disorder - my work here is done. >> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<