On Wednesday 12 November 2003 04:47 pm, George Staikos wrote:
> On Wednesday 12 November 2003 16:32, Aaron Seigo wrote:
> > On Wednesday 12 November 2003 13:54, George Staikos wrote:
> > > > Let me just add my hearty AMEN to this. I also am using wallet for
> > > > this specific purpose. I am the only person who uses this computer
> > > > (or even has access to it) so I'm not THAT worried about security.
> > >
> > > You may not be,
> >
> > that's right, he isn't. and yet you still hold that you/KDE know better
> > and therefore have a right to control his machine and his use of his
> > machine. who controls the machine, exactly? the user or KDE/George
> > Staikos?
>
> I know from experience. Not only does the compromise of his passwords
> cause harm to him, but it causes harm to others. I have a right to run an
> open relay and sendmail 8.6.9, but I'll spread spam and worms like there's
> no tomorrow. Therefore Linux distributions do not ship sendmail 8.6.9 or
> open relays. You can change it as you please. It's free software, as you
> point out below.

AHH I see you know my life better than I do. Ok. :) Let me make it clear. :)

I live alone. I am single. Therefore, yes, my root password is...
"password". And yes, I have complete unlimited access. If someone gets
physical access to the computer, am I screwed? Yup! However, I make 3 phone
calls and problem "solved". Am I worried that my DOG or one of my CATS is
going to gain access to my passwords? I think not.
:) I am MUCH more concerned of course with attempts to access my computer
over the Internet... which is why I have a number of security layers in
place to handle that!

(Please note: this paragraph is meant to be read with tongue in cheek type
humor. IE it is not intended in ANY WAY as a personal attack or even ANY
kind of attack at all on ANYONE)

Do I run my servers that I admin this way? HELL NO!!!

Why? Because what's on the servers is 1000x more important than what's on MY
computer!

The "problem" of having security programs/systems/methods accepted in general
use is very simple. The more secure you make something, the less easy it is
to use. QED, my home machine here, it's geared for EASE OF USE. My
servers... geared to SECURITY.

Now, do I expect that I am the majority case? I HOPE NOT! LOL

> You might be surprised to know who's been 0wned lately. If KWallet used
> the login password, all this person's passwords would be compromised too.

Are you saying that KWallet is insecure then? Are you saying that there's a
backdoor in KWallet that you've programmed in? Or are you saying that you've
hacked my machine? :) (Note: for the humor impaired, this is a joke. Though
I am interested in exactly WHAT you mean here George.)

> > > and many others are.
> >
> > this isn't about the default settings, which MUST indeed be secure (i
> > have no beef with KWallet there =); this is about optional settings that
> > the user should have access to.

I would NEVER EVER EVER Expect something like this to be the DEFAULT! That
goes without saying!

> Ok this is what I said, and I have absolutely no intentions of
> implementing this option. It's free software, someone else can do it. I
> will however ensure that it does not compromise security for everyone else.

George, I don't expect you to implement the option. My apologies if my
email came across as a request to YOU personally to add this.
It was not intended in that light, the previous email and this one are to
show that there are some edge use cases (and the reasons why) that maybe
need/want to be considered. Also, if/when a patch for this is submitted, I
would hope AND EXPECT that it be scrutinized heavily because as has been
said, a poorly written patch COULD well cause security problems.

--
Jeff Stuart
jstuart@computer-city.net