On Mon, Aug 2, 2010 at 7:47 AM, Dieki N <[email protected]> wrote:
> Currently, Ubuntu will by default require the user's login password when a
> program (Empathy or Gwibber, for instance) attempts to access the system
> keyring, unless the user entered her\his password when logging in. I'm
> guessing this was done for security, to prevent unauthorized users from
> accessing important user passwords. However, there are a number of reasons
> why this is ineffective:
>
> It doesn't apply to FireFox or (In UNE Maverick) Chrome. Normally, these
> applications store far more important passwords than the system keyring.
>
> It provides no protection from malware, since malware can just display a
> fake keyring password dialog.
>
> If an unauthorized user obtains access after the user has already unlocked
> the keyring, the protection is lost. (My guess is that most users that use
> the keyring unlock it shortly after login; but I have no real data on this)
>
> The better solution for security-conscious users is to enable home directory
> encryption, which not only protects keyring passwords, but also documents
> and Firefox\Chrome passwords.
> Therefore, requiring a user password for the keyring is nearly useless; and
> it's annoying to have to enter one's password when launching
> Gwibber\Empathy, particularly if they run on startup.
> Based on these reasons, it might be a good idea to use unsafe storage for
> passwords by default, with a good way to turn it on for those users that
> want it.

Gnome Keyring asks you to type in your password when you log in if you have automatic login enabled, because it NEEDS your password in order to decrypt the login keyring. (Automatic login is a bit cleverer than just typing in your password for you, thankfully). You can set the login keyring to have no password, which leaves it unencrypted. However, I think that would be pretty ugly as something in by default.

For what it's worth, Chromium _is_ about to use gnome-keyring / kwallet to store its password. That functionality is in the current dev builds and quite stable. (As an option: --password-store=detect). I don't know when it will land as default in a stable build, but on my computer, at least, that leaves very few applications storing my passwords in rude, inconsiderate ways. Firefox is one of those few.

There is movement afoot somewhere to create a desktop-agnostic standard for password / secret storage. At that point, there is really no reason why Firefox couldn't support it. Getting that working would be a great course of action rather than intentionally leaving people's passwords floating in the open.

As for encrypting the home directory, that hurts performance, and not everyone is security conscious for the sake of it; high performance is going to be important for a lot of those users, too. Besides, encrypting your passwords is not something that should be limited to the security conscious. It's generally good practice and it protects people from a number of malicious computer attacks. This thing protects ordinary users as much as it protects power users.

Now having said that, I may be more enthusiastic about change if it be accompanied by configuration dialogs. Perhaps a nice, big "Encrypt my passwords" button somewhere, alongside "I changed my mind, encrypt my home folder" :)

Seahorse could certainly be better there. Right now, the only way you can change a keyring's password is with a right click. It isn't in the least bit obvious.

Dylan

