One Hundred Paper Cuts -- the first ten
Steve Langasek
steve.langasek at ubuntu.com
Sun Jun 21 01:37:39 BST 2009
On Fri, Jun 19, 2009 at 11:20:49PM +0200, Martin Pitt wrote:
> Steven Harms [2009-06-19 11:20 -0400]:
> > Can someone clarify for me the difference between Firefox (our default
> > browser) storing passwords in clear text, and why that is acceptable,
> > but storing it clear text for network manager is unacceptable?
> If that is actually the case, it sounds like a bug to me.
> It should ask you for a master password the first time you choose to
> save a password in the keyring, and only if you leave that empty use a
> nonencrypted keyring.
I think the behavior you propose would be reasonable, but I don't really see
any reason to consider the current firefox behavior a bug. In contrast, I
*do* think it's a bug that wireless passwords have to be decrypted with a
user password by default: I consider the random set of WEP keys that I've
stored in my laptop to be quite a bit /less/ sensitive than most of the
other stuff in my homedir, and I would hate to see this gratuitous use of
encryption wind up giving an attacker some known plaintext that helped in
cracking my GNOME keyring...
(Also buggy: network-manager for second-guessing permissions on files in
/etc/NetworkManager/system-connections, to the point that it *won't use*
profiles that are world-readable! Bug report filed, but still outstanding
:( )
Let's please not presume that making users use more passwords by default is
going to make things more secure. When the encryption password is *expected*
to match the login password in the common case, the attack scenarios that
the added encryption protect against appear to be rather narrow, and IMHO
definitely don't justify a degraded user experience ("password fatigue").
--
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                 to set it on, and I can move the world.
Ubuntu Developer                 http://www.debian.org/
slangasek at ubuntu.com          vorlon at debian.org
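The parenthetical complaint above says NetworkManager refuses to use profiles under /etc/NetworkManager/system-connections that are world-readable. The following audit is an added example, not code from the thread or from NetworkManager: it lists the profiles in a directory that carry the world-readable bit, so an administrator can see which ones NetworkManager would reject and which expose a stored PSK to every local user. The directory is passed as a parameter and the sample profiles (with a placeholder PSK) are constructed inside the script.

```shell
#!/bin/sh
# Added example (not part of the original thread). Audit NetworkManager
# connection profiles for the world-readable mode that the message above
# says NetworkManager refuses to load. The real location would be
# /etc/NetworkManager/system-connections; here the directory is a parameter.

# Print, one per line and sorted, the basenames of regular files directly
# under $1 whose "other" read bit (mode 0004) is set.
world_readable_profiles() {
    find "$1" -maxdepth 1 -type f -perm -004 -exec basename {} \; | sort
}

# Build a constructed sample tree: one profile with the mode NetworkManager
# expects (0600) and one that is world-readable (0644). The PSK value is a
# placeholder, not a real key.
make_sample_dir() {
    d=$(mktemp -d)
    printf '[wifi-security]\nkey-mgmt=wpa-psk\npsk=PLACEHOLDER-PSK\n' > "$d/home-wifi"
    chmod 600 "$d/home-wifi"
    printf '[wifi-security]\nkey-mgmt=wpa-psk\npsk=PLACEHOLDER-PSK\n' > "$d/cafe-wifi"
    chmod 644 "$d/cafe-wifi"
    echo "$d"
}

# Usage: sh audit-nm-profiles.sh /etc/NetworkManager/system-connections
# With no argument the script only defines the functions above.
if [ -n "${1:-}" ]; then
    world_readable_profiles "$1"
fi
```

On a real system only the world-readable profiles are printed; an empty result means every profile already has owner-only permissions, which is what NetworkManager requires before it will use a profile that stores a key.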