Re: Seahorse and clear text passwords: a proposal for a pragmatic solution



 Your all talking about a hardened solution witch is good Decrypting
on the fly would be awesome. But until then, what we are asking for is
having seahorse just require you to enter your user password to view
the passwords and keys. With a warning in the password window to
maintain transparency. IMO there are a few apps that could use similar
warnings or first run messages, it would really help to further user
education. Thanks all for your time, and effort. I really enjoy this
system we have here where even non-technical users have a voice and
can spur discussion.

On Fri, Oct 30, 2009 at 12:37 PM, Thorsten Sick <thorsten sick email de> wrote:
> Hello
>
>> The first and foremost 'real' thing we can do, to make all these
>> security dreams a reality, is help Linux get a concept of signed
>> applications (think iPhone, Mac OS) ... Or some other way to
>> differentiate between applications, or at least applications running in
>> different security contexts.
>
> I am working for an anti-virus company. We get a large amount of
> _signed_ malware.
> Signing files is not some magic fairy dust. If a file is signed by an
> institution you will have to read this as:
> "This file got through out signing process"
> Where the process can be anything from source code and assembler level
> analysis to getting 100 € and a handshake.
>
> We could at least verify if a file requesting a key got installed by
> root (not from usb stick or in a home folder), or if it was installed
> from an official repository.
>
> But this will not be bullet proof...maybe it protects against swords and
> daggers.
>
>> Vertigo wrote:
>> > I would suggest passwords in seahorse are not
>> > visible without re authentication of the user, but at the same time I would
>> > use the password dialogue box to warn the user that despite this
>> > authentication request, his passwords are NOT secure or encrypted as long as
>> > he is logged in, and he should lock his screen and/or close the keyring to
>> > avoid identity theft.
>>
>> Who does this reauthentication? Should seahorse lock and then try to
>> unlock the keyring? Or is gnome-keyring supposed to somehow identify
>> seahorse and treat it differently?
>>
>> Obviously anything done in seahorse would be of absolutely no
>> consequence to any other password manager.
>
> How often are keys requested from gnome-keyring ? How often would the
> user have to re-authenticate if every key request needs the user's ok ?
> I fear it will be to often. No UAC please
>
> Malware:
> My experience with it is most of the malware today does not have to get
> root access. The data malware is stealing is available in the user's
> context (passwords, bank account data, credit card numbers, ...) . The
> malware today is most of the time a trojan not a file infector => no
> root needed for spreading.
>
> The security philosopy is right. If something/someone gets control of
> the user's account the battle is lost.
>
> Hope this helps somehow
> Thorsten Sick
> --
> New key
> ID: 2116591D
> Fingerprint:
> FCAD 6073 7E7A CEF0 8A9B
> 4479 0E79 EEEE 2116 591D
> http://publicinterface.wordpress.com/
>
> _______________________________________________
> Seahorse-list mailing list
> Seahorse-list gnome org
> http://mail.gnome.org/mailman/listinfo/seahorse-list
>
>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]