On 29.06.2012 17:13, Camaleón wrote:
The point is that software can't be 100% secure. So when possible it is
a good idea to have more than one security layer.
Even if that extra layer is of no help because you leave your computer
open and accessible to anyone? Then you're wasting your time and your
computer resources, security has to sit between useful and effectiveness,
otherwise you're losing the battle.
FileZilla could use a Master-Password to encrypt the Account-Passwords.
So if you start FZ you enter the Master-Password (and may define a time
so that FZ will forgot the Master-PW after some time, when it's still open).
A bug in Apache my cause someone to get access to you FileZilla
-Settings.
I wonder how that can happen...
It was just an example.
Another example, a colleague of yours have SSH-Access on your machine.
Also you allow some commands he can run with sudo. Did you know that
chmod is enough so he could start a shell with root credentials? And I
don't talk about suid.
What I'm trying to say is that our machines are pretty much very complex
and it is very easy to overlook things.
At the moment this would be a big problem, if the file is encrypted the
problem is still there but you have some additional time to change your
passwords. Good thing.
Good thing for a corner case. But the bad thing here is that someone can
access your Filezilla settings from you Apache, though.
Sure. But if there is a bug (or misconfiguration) it might be possible
to do so. If it was a misconfiguration it is your own fault, of course.
Really? I would more worry about the remote servers listed in my
FileZilla-Config (if there are any), because they might belong to
customers, friends, etc. I might get worried about my Backups as I want
to restore my compromised system.
You change the password for your FTP user accounts and that's all. Gee, I
wonder in what way users are using their linux systems that don't store
any important data on them, only for multimedia playing? :-P
No, but the really important data is encrypted in a way so even if my
machine is running all the time the container isn't accessible all the time.
Humans are making mistakes, a false impression of protection may lend
you to such mistakes, this is true. That's one reason why we don't run
background Virus-Checks on our machines (mails are being scanned and you
can do on demand checks for USB media, etc.).
I do check the files I donwload from the web, regardless they are going
to be opened from windows or linux, e-mails are also scanned by means of
ClamAV and USB keys are not anutomatically mounted thus can be also
easily analyzed first.
That's the scenario I tried to point out above.
But it is easy to tell users that all files from those medias may be
evil. It's much harder to tell them that their programs might store
sensible data in a way that isn't secure. At least this is much harder
than for the FileZilla guys to store passwords encrypted.
Curiously enough is not only Filezilla who takes the path for not
encrypting the user credentials so there has to be a reason in behind for
that to happen so often...
Laziness? Why did last.fm stores the passwords of their users as
MD5-Hash without salting them?
Anyway, aren't most of us still using plain pop3 and smtp connections
with no message encryption at all? Who are we blaming? >;-)
Most of my messages are not encrypted because the receiving end isn't
capable of that. But my Credentials will only be transmitted when the
connection is secure (even if the MTA is in the same network).
Again, there are files in my servers (e.g., ssl keys) and also my Mutt
SSL/SSH Keys should have a password or should be stored in some kind of
encrypted container.
IIRC you have to remove the password so Apache can make use of it so
finally the security relies on the file perms (only root can read it).
This is true for Apache SSL but in fact I don't care a lot about my
HTTPS keyfiles, if they got compromised I revoke them. And if you really
want to fake a certificate you might can have this easier through
companies like DigiNotar.
SSL is pretty much snakeoil nowadays, but it's better than nothing.
An encrypted container wouldn't help a lot here, because I assume your
MUA is running most of the day, right? So the container has to be open
all the time and any malware could read
the file.
In my case it is launched on demand. My main MUA is Thunderbird.
Do you use a Master-Password? If so, then guess what? All your passwords
stored in TB are saved encrypted. Nice feature, isn't it? ;)
Do you want us to remove the ethernet cord? ;-)
Would be a nice thing from a security point of view, that's why I
mentioned comfort and performance. :)
There's still dangerous USB flash drives and the always evil CD/DVD and
floppy disks... you never know.
Of course you have to get rid of those drives as well. Also your USB,
Firewire and Thunderbolt ports. eSATA? Well, that's evil. Are there any
known typewriter security holes? ;)
I know at least two companies where no machine has optical/floppy drives
and USB ports. Also you can't send them E-Mails with ZIP-Files, etc.
attached. It's a f*cking nightmare and I really don't know how they can
work like this.
Anyway I think we're going pretty much offtopic. My point is that it
would be a nice feature for FZ (and other tools) to store passwords more
secure. And I don't like the attitude of the developers saying that it's
not their problem if someone could read the file who isn't allowed to.
At least as such a feature is rather easy to implement and won't affect
the user experience in a bad way.
Bye.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4fedd417.7070...@concepts-and-training.de
