Ahoj, Dňa Wed, 17 Nov 2021 11:51:46 -0600 Scott Mutter via mailop <[email protected]> napísal:
> Don't forget local compromises - keyloggers, spyware, and other
> malware - running on an end-user's system.
If one use good email client/browser, locally stored passwords are not a
problem as they are encrypted:
{AES-256-CBC,50000}nzTZHRh...snip...2sbjH9/O/XoG
If you have passwords stored in plaintext, no malware is needed, as
some OS are posting all personal files to its vendor, often hidden as
telemetry, and often cannot be fully disabled... But when you cannot
believe your OS, then no "telemetry" is needed, as OS can see all your
typing anyway...
No, i do not want to tell, that these OS's vendors are participating on
passwords leaks, but these files can be stolen from them by attackers
or employees (they are people too).
And if someone provides, in these days, still plain access (110/tcp,
143/tcp, 25/tcp with or without STARTTLS) for you (do not matter if
as primary or as fallback only), nobody have to care about files in your
PC.
regards
--
Slavko
https://www.slavino.sk
pgpIO_s_4qkzG.pgp
Description: Digitálny podpis OpenPGP
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
