Nick Daly <[email protected]> writes: > Sandy Harris <[email protected]> writes: > >> (from Slashdot) A claim that various distros store wifi passwords >> unencrypted. Does this affect us? >> >> http://news.softpedia.com/news/All-Linux-Distributions-Store-Wi-Fi-Passwords-in-Plain-Text-If-You-Don-t-Use-Encryption-412387.shtml > > As far as I can tell, this specific case (though not the concept) is > irrelevant to the FreedomBox server. The article discusses storing > unencrypted wireless passwords on the hard-drive of the client device. > This article is saying that: > > "If someone has physical access to your laptop, they'll probably be able > to read the passwords that you use to connect to wireless networks."
I'm reasonably sure that this plain-text storage only actually happens with Network Manager if you set the network to be active for all users. I really don't see what the complaint here is -- it seems that someone managed to pick up the "plaintext == BAD!!!" meme, and has applied it indiscriminately. If you want the WiFi to come up before any user interaction (which is what the "available to all users" bit means) then the machine is going to need plaintext access to the password. What else does this person expect? I presume they want some sort of security by obscurity added on, so that it looks like the password is encrypted, because it's stored in base64, or has been XORed with "sNaKe-OiL" or some such nonsense. *sigh* This strikes me as equivalent to some newbie health and safely official trying to insist that Speedway Motorcycles should be fitted with ABS while failing to notice that they don't actually have any brakes. Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560] http://www.hands.com/ |-| HANDS.COM Ltd. http://ftp.uk.debian.org/ |(| 10 Onslow Gardens, South Woodford, London E18 1NE ENGLAND
pgpOmIkaEJdba.pgp
Description: PGP signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
