We're doing crypto in javascript - right now there is no guarantee that the memory holding our keys will be cleared or zeroed after we're done. We're screwed on windows and most linux users will simply write their password if a prompt tells them to anyway. Protection against a local attacker is a fruitless pursuit here. As for the custom backend for storage, your are absolutely right, that was one of the things I was going to change in the dev branch. I should get back to working on it pretty soon.
On Thu, Jun 13, 2013 at 9:57 AM, Thomas Oberndörfer <[email protected]> wrote: > > Hi, > > there is an episode from Hak5 that claims to show a security vulnerability > of OpenPGP.js: https://www.youtube.com/watch?v=NnHOYSRrqS4 > > As an example they demonstrate an "exploit" and extract private keys > from a Mailvelope and MyMail-Crypt installation. > > Basically they own the machine first and then read in the localStorage SQL > file > where OpenPGP.js stores the keys in clear text. > > My points on this: > > - OpenPGP.js is not meant to be for hostile environments > - This is true for other PGP implementations as well. Take GPG: if you own > the machine you can also do a "gpg --export-secret-key -a" and get all the > keys > - There is a speculation in the episode about a possible attack on the > localStorage from other addons or external websites. This boils down to the > never ending discussion if the browser is a suitable platform for crypto or > not. > - It would be good to have a more modular persistence layer in OpenPGP.js to > enable applications to implement their own secure storage. > > Any thoughts? > > Thanks, > Thomas > > _______________________________________________ > > http://openpgpjs.org > _______________________________________________ http://openpgpjs.org
