Re: gnome-keyring Seahorse and clear text passwords: a proposal for a pragmatic solution
- From: Corey <snkiz1 0 gmail com>
- To: gnome-keyring-list gnome org
- Subject: Re: gnome-keyring Seahorse and clear text passwords: a proposal for a pragmatic solution
- Date: Fri, 30 Oct 2009 11:34:32 -0400
After a lot of reading I can see this is a real concern for gnome,
and a truly secure solution will require a lot of work. How you guys
decide to do that is way over my head. (though references to that
locked down piece of crap the iphone send chills.)
I can tell you this though Gnome's policy of education as a first
line of defense, while noble and probably the best solution. Has not
been implemented very well to this point. As an example I can tell you
I've been using gnome for four years and I just found out (after
participating in the debate on Ubuntu forms.) what seahorse is and how
it works.
I and a number of people believe that while confirming your password
to view passwords in seahorse is by no means secure or a permanent
fix. It will accomplish two things, one it will stop identity theft by
opportunists who have no real technical knowledge beyond point and
click. Two it would give Gnome an opportunity to educate the user on
best practices with security in a gnome environment.
Until we have a unified security solution I believe its imperative
that we do everything we can to meet the users expectations while
still adhering to the Gnome philosophy.
[
Date Prev][
Date Next] [
Thread Prev][Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]