pasting of passphrases please?



Hi,

thank you for your efforts maintaining seahorse and offering an
integrated pgp key and password support for gnome applications.

However, after having to manually "copy and paste" my very long and very
random pgp key passphrase from KeePassX over to seahorse again, I was
wondering if anyone else finds this rather insecure and cumbersome and
indeed I found

https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/238954

I was a bit surprised by the upstream response from Adam, actually
suggesting that manually copying a long and complicated passphrase,
which has to be displayed in the clear and openly on your screen for
about a minute, is considered more secure than enabling "paste" for the
password/passphrase entry field. 

Moreover, it was suggested to use the "always remember passphrase"
function of the gnome keyring to only have to do this once per session.
Why is storing a key permanently in memory considered more secure than a
20 second storage of a passphrase in case of "cut&paste" using keepassX?

Just because clipboard memory can be paged out to disk?

Maybe using only non-pageable memory for the clipboard would then
resolve the issue? I am not sure where to look for that, though. There
seem to be many places where cut & paste is handled, starting at the
"low level" X11 primary selections, X11 clipboard, gnome clipboard and
some fancy clipboard applications on top of that.

Besides the fact that many machines have more than enough memory to
effectively never use the page file at all, even if they do, many people
use encryption to prevent information from being read. RAM is the place
I am concerned about since cold boot attacks became widely documented. I
don't want to use the "always remember passphrase" function, I want to
be able to copy and paste from keepass.

Can you please at least consider enabling pasting of passphrases by
willing and conscious user interaction? Using a notebook in a public
place is making me very nervous when I have to enter my pgp passphrase
in a train for example. Beware of shoulder surfers ... they can take a
digicam snapshot of my passphrase much faster than I can "spell" it into
seahorse. To me this risk by far outweighs the "pageable RAM" problem
with a timeframe of 20 sec (which can be shortened by the way).

I had a quick look at seahorse-secure-entry from the libseahorse but I
simply do not have the time to tweak that myself.

Cheers

Jens




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]