[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: IBM Applies for Password Manager Patent
From: Jason Keirstead <jason () keirstead ! org>
Date: 2003-11-13 23:07:12
[Download RAW message or body]
On November 13, 2003 06:10 pm, George Staikos wrote:
> On November 13, 2003 15:51, Jason Keirstead wrote:
> Then how does he get the wallet file to brute force it? Come on, this
> is rediculous. What is your point here?
>
Argh.
As I said above. KWallet is basing security around the fact that some guy is
logged into your system but you still want to hide data from him. But all he has
to do is copy off the files and brute force them, so its really no security at all.
My point is that the only real security layer is preventing people from getting onto
the system in the first place. Once someone is in my system, nothing else matters,
as far as I'm concerned the whole thing is compromised. So I could care less about
KWallet's passwords or encryption. Hence why I have my settings configured for
maximal ease of use, and minimum seucrity.
--
There's no place like 127.0.0.1
http://www.keirstead.org
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic