Good point. (On the other hand, it could be said that you have to completely trust *any* software that you run on your local machine, at least with today's operating system architectures. Even if Shotwell doesn't ask for your password directly, if the software is malicious it could install a keylogger or a browser plugin or a similar hack to grab the password when you enter it into another application. I believe that some such attacks are viable even if Shotwell doesn't run as root.)
In any case, I think it's time for Shotwell to switch to OAuth/OpenID. I've marked the upstream ticket (http://trac.yorba.org/ticket/3445) for the next Shotwell release (0.13). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/782690 Title: Picasa upload not secure: asks for Google Password To manage notifications about this bug go to: https://bugs.launchpad.net/shotwell/+bug/782690/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
