1 |
Am 17.01.2012 12:29, schrieb Dale: |
2 |
> Neil Bothwick wrote: |
3 |
>> On Tue, 17 Jan 2012 04:27:09 -0600, Dale wrote: |
4 |
>> |
5 |
>>>>> I use Lastpass which does about the same as other password |
6 |
>>>>> managers. |
7 |
>>>> Doesn't LastPass store your passwords on their servers, and weren't |
8 |
>>>> they compromised last year? I'll stick with KeePassX, the password |
9 |
>>>> database is stored and encrypted locally. Even if I put it on |
10 |
>>>> DropBox, hacking that will only give the encrypted database. |
11 |
>>>> |
12 |
>>>> |
13 |
>>> None of the passwords were lost tho. |
14 |
>> This time. |
15 |
> |
16 |
> And maybe not the next time either, or the next time, or the next time. |
17 |
> Point is, can you state for a fact that no site will ever be broke into, |
18 |
> ever? |
19 |
> |
20 |
>> |
21 |
>>> They got everyone to change them |
22 |
>>> just in case but according to what I read, the hackers didn't get |
23 |
>>> anything. |
24 |
>> This time. |
25 |
> |
26 |
> See above. |
27 |
> |
28 |
>> |
29 |
>>> Keep in mind, they are encrypted locally, then sent to |
30 |
>>> them. They can't see the passwords either. |
31 |
>> How is it encrypted? If the encryption system is not open source, it is |
32 |
>> not trustworthy. |
33 |
> |
34 |
> The guy that owns it posted on this list a good while back. This was |
35 |
> before the hack job. According to the things I have read, it has been |
36 |
> improved even more than it was. I agree open source can be good but |
37 |
> that doesn't mean closed can't be since we don't know what it does. If |
38 |
> we don't know, neither does the hackers. |
39 |
> |
40 |
|
41 |
That last argument is flawed. What you describe is called security |
42 |
through obscurity. That violates Kerckhoffs's principle, one of the |
43 |
foundations of cryptography. |
44 |
|
45 |
I agree that the crypto system doesn't necessarily need to be |
46 |
open-source, depending on how much you trust the vendor. However, a good |
47 |
percentage of all security breaks are inside-jobs. This is far harder to |
48 |
pull off when the publish the source code or have some kind of |
49 |
certification process. |
50 |
|
51 |
Heck, even that might not protect you. See for example this thing: |
52 |
http://arstechnica.com/business/news/2012/01/device-turns-any-laptop-storage-into-a-self-encrypted-drive.ars |
53 |
|
54 |
It is NIST FIPS 140-2 level 1 certified. However, it used AES-ECB, |
55 |
something that is known to be far too weak for full disk encryption. It |
56 |
still got certified since it "works as expected." |
57 |
|
58 |
In conclusion: There are lots of pitfalls and using "secret" crypto |
59 |
systems makes it impossible to check for them, even if you know your stuff. |
60 |
|
61 |
Regards, |
62 |
Florian Philipp |