Gentoo Archives: gentoo-user

From: Dale <rdalek1967@×××××.com>
To: Gentoo User <gentoo-user@l.g.o>
Subject: Re: [gentoo-user] Moving from Lastpass to Bitwarden
Date: Thu, 18 Feb 2021 10:37:50
In Reply to: Re: [gentoo-user] Moving from Lastpass to Bitwarden by Dr Rainer Woitok
1 Dr Rainer Woitok wrote:
2 > Dale,
3 >
4 > On Wednesday, 2021-02-17 23:08:12 -0600, you wrote:
5 >
6 >> ...
7 >>   Still, they are closed source.  If
8 >> their code was open source then it could be that the hack would not have
9 >> happened since someone would have spotted the hole the hackers used. 
10 > I don't think so. They hacked the Lastpass servers exploiting some vul-
11 > nerability in some software running there ... Windows, Word, Excel, you
12 > name it. Maybe they too used the bug in SolarWinds' remote maintenance
13 > software, but then ... wasn't the Lastpass hack way earlier?
14 >
15 > Sincerely,
16 > Rainer
17 >
19 I did say it could have been found.  Still, if they allowed their
20 system/software to be tested by others, then even that security hole
21 could have been found and fixed which would have prevented the hack. 
22 Regardless of this, they are closed sourced, they got hacked and it
23 could have been prevented if they allowed others to see their code. 
24 That's one thing about open source software, there can be millions, ten
25 of millions or more, of people looking at it.  It reduces the odds of
26 bad code lasting long.  It can happen but it reduces it a lot. 
28 I still trusted Lastpass.  I would still be using it except for the fact
29 they decided to take away features I need unless I pay more than it is
30 worth to me.  Since I need to switch anyway, may as well find a open
31 source option that has a better chance of having good code.  Maybe it
32 won't be hacked at all.  One can hope. 
34 Dale
36 :-)  :-)