1 |
On Saturday 28 November 2009 00:43:48 Dale wrote: |
2 |
> chrome://messenger/locale/messengercompose/composeMsgs.properties: |
3 |
> > On Friday 27 November 2009 22:17:15 Dale wrote: |
4 |
> >> If I have a |
5 |
> >> system meltdown and lose my password info stored locally, I can get them |
6 |
> >> back since they are stored on the lostpass server. According to the |
7 |
> >> site, lostpass can not see or even access any password even if I ask for |
8 |
> >> them too. |
9 |
> > |
10 |
> > And if you believe that, I have a nice bridge for sale you might be |
11 |
> > interested in ... |
12 |
> |
13 |
> That is what is on the website. It's not me saying that. Thing is, |
14 |
> there are people in the review section that have done this and they say |
15 |
> it works well. |
16 |
> |
17 |
> I may try this but only none financial things at first. |
18 |
|
19 |
Of course it works well - you INSERT a password into a database and SELECT it |
20 |
out later when you need it. I'd be surprised if it didn't work. |
21 |
|
22 |
What I find incredible is that people will accept the site's say-so that the |
23 |
site admins can't read the data. They have not proven anything, merely |
24 |
asserted something. |
25 |
|
26 |
The only way to do give that guarantee is to encrypt the data. Which then |
27 |
needs a key. Someone must keep the key and it's either you or them. If it's |
28 |
them, they can decrypt the data (same reason as DRM is doomed to failure) and |
29 |
if it's you - well if you lose the key you lose the data. |
30 |
|
31 |
Are you telling me that there are people gullible enough to actaully fall for |
32 |
that one? |
33 |
|
34 |
|
35 |
|
36 |
-- |
37 |
alan dot mckinnon at gmail dot com |