KPasswordEdit patch (was Re: new widgets...)
neil at qualityassistant.com
Mon Sep 30 08:55:52 BST 2002
-----BEGIN PGP SIGNED MESSAGE-----
On Sunday September 29, 2002 11:25, Thomas Zander wrote:
> On Sat, Sep 28, 2002 at 07:29:26PM -0700, Neil Stevens wrote:
> > [A]re you also clearing the memory used by X (for input of the
> > password)
> I doubt the '*'s will be any use :)
Keystrokes, my man, keystrokes. When the user inputs the password, he
doesn't type *****. X does receive the keystrokes, then sends them to
your "secure" program.
> > and by your network stream (for output of the
> > password)?
> I doubt the encrypted connection will be of any use :)
Make sure to wipe every intermediate. And are you wiping the data from
every step of the secure protocol process?
> > If you assume an insecure OS, you lose no matter what your code does.
> > But if you assume a secure OS, then you don't need to resort to cheap
> > tricks like these. Either way, it's a waste of time.
> Ok, you must have heard this before; but real security is only possible
> if done from the ground up.
Security of what? There's no such thing as one broad kind of "real
security." You have to decide what you're securing yourself against!
That's why "Security is not optional" is such a worthless statement.
> Your only argument is that there will be other positions that the system
> will be cracked and that its useless to do security anyway; well thats
> your choice. Please don't limit mine, I believe in the simple principle
> of minimalizing the points of failure.
No, that's not my argument. My argument is that these steps are
unnecessary. In a secure system, these steps do not protect against any
threats that are possible. In an insecure system, these steps do not
protect against any threats.
By your argument, we should change every instance in KDE of
ptr = 0;
ptr = 0;
Because while it's not necessary, it make sure that the problem of a crash
isn't on our end.
Neil Stevens - neil at qualityassistant.com
"I always cheer up immensely if an attack is particularly wounding
because I think, well, if they attack one personally, it means they
have not a single political argument left." - Margaret Thatcher
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the kde-core-devel