It's amazing how weak most application security is, I haven't trusted
browser stored password security in a long time. Using lastpass now,
but I often wonder how good it really is.
Ever use pidgin (adium?)? Ever notice all the passwords are stored in
plain text in the config xml? Lots of things like that that are quite
stupid. I've *recovered* reused passwords a number of times via that
alone. Linux now uses the keyring at least, win/mac, not so much.
Full disk encryption everywhere possible anymore - luks works reliably
for me under linux.
-mb
On 08/06/2013 12:06 PM, Stephen wrote:
I just did a very quick check of this, Chrome, FireFox and safari all
have this data stored in a reversible fashion on both Mac and Windows.
safari at least prompts you for the user login to show this data.
IE seems to not allow you to retrieve the password without 3rd party
utilities.
This certainly makes me review my personal choices of full dis
centryption and physical security of my computer.
On Tue, Aug 6, 2013 at 11:41 AM, Ed <[email protected]
<mailto:[email protected]>> wrote:
http://blog.elliottkember.com/chromes-insane-password-security-strategy
is Chrome the new attack vector to your stored passwords in other
browsers? would a master password protect against this kind of slurp?
Han's presentation at the last East Side PLUG meeting was really on
point - thx
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
<mailto:[email protected]>
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
--
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.
Stephen
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
