Fwd: That great security problem...
George Staikos
staikos at kde.org
Mon Aug 9 16:29:06 BST 2004
On Monday 09 August 2004 06:13, David Faure wrote:
> I'm sure you're aware of all the phishing that's going on at the moment.
> Every browser's vulnerable if its user is stupid enough, and all humans
> are (at least sometimes).
>
> I think it's possible to almost kill the problem. Even though the
> problem is about social engineering, I have a technical barrier that'll
> almost kill it.
>
> It's a two-part approach:
>
> 1. When Konqueror logs in to a TLS-secured web site, it should store the
> certificate and the MD5 hash of the password.
We already store the TLS certificate generally, though we do expire them
over time. We should at least store the SHA-1 hash btw. There are already
online databases of MD5 hashes of passwords out there. I'm sure there will
be a SHA-1 database sometime too. (KWallet stores the hashes of the lookup
key, not the password, unencrypted so it's a bit better off.)
> 2. When Konqueror is about to send a password, it should do the MD5, see
> if that password has been used with a TLS site, and if so, check that
> that same certificate is valid for the site that will receive the
> password.
>
> In effect, if you log in to your bank with password 54738591 and you
> later reuse the same password elsewhere, Konqueror should pop up a
> dialog saying: "Warning: The same password has also been used with <TLS
> cert owner>, which does not own/secure <web site>. Are you sure you
> want to use it with <web site>?"
Sounds like a good idea actually. It should go into bugzilla as a
wishlist, and it should be implemented KIO-wide, not just in KHTML.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kfm-devel
mailing list