Wednesday, August 7, 2013

Plaintext passwords

I saw this (and this) and instantly thought: seems fair. If you saved the password for a site, then anyone with access to the browser can log in to the site. So why not display the password in plaintext if a user wants to see it? The only reason not to would be to allow users to save a password for a less important site and use the same password on a more important one. That way, if someone got access to the browser, they could log in to the less important site but not the more important one.

The tradeoff, however, is that showing the password is a great usability feature. If I save the password, I tend to forget it, and when I want to log in from somewhere else I need to see the saved one. The Chrome developers chose usability for this case. I would do the same. In fact, I would be upset if I could not see the password when I want to see it. [Some banks don't let you see your own account number when you log in, and I find that silly and upsetting.]

I think the confusion arises from the publicity given to some data breaches where passwords were not encrypted or were hashed without salt. This issue is clearly different from the browser's saved password feature. This issue is comparable to a thief getting access to everyone's money in a bank while the browser issue is more like me getting to count the money in my wallet.
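To make the distinction concrete, here is an added example (my own illustration, not code from the post) of the two server-side storage schemes the paragraph contrasts: a bare, unsalted SHA-256 digest versus a per-user random salt with an iterated hash (PBKDF2-HMAC-SHA256). The sample user list, the record format, and the iteration count are assumptions chosen for the demonstration. The point it shows is the one that matters for a breach: with unsalted hashes, two users who share a password get the same digest, so a leaked table exposes shared passwords and can be matched against precomputed digests, whereas salted records are distinct even for identical passwords.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Constructed sample credentials for the demonstration (not real data).
# Note that alice and bob deliberately share a password.
SAMPLE_USERS: Dict[str, str] = {
    "alice": "correct horse battery staple",
    "bob": "correct horse battery staple",
    "carol": "hunter2",
}

# Assumption: a present-day work factor for PBKDF2-HMAC-SHA256; tune for your hardware.
PBKDF2_ITERATIONS = 600_000


def unsalted_hash(password: str) -> str:
    """The weak scheme the post refers to: one SHA-256 over the password alone.

    Equal passwords yield equal digests, and the digest can be looked up in a
    precomputed table, which is what makes such breaches newsworthy.
    """
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, iterated hash.

    Returns a self-describing record 'pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>'
    so the parameters travel with the record and can be raised later.
    A fresh 16-byte random salt is drawn per record unless one is supplied (tests only).
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the digest from the stored salt and compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False  # malformed record
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


def hash_table(users: Dict[str, str], salted: bool) -> Dict[str, str]:
    """Build the stored credential table under either scheme."""
    if salted:
        return {name: make_record(pw) for name, pw in users.items()}
    return {name: unsalted_hash(pw) for name, pw in users.items()}


def distinct_digests(table: Dict[str, str]) -> int:
    """How many distinct stored values a leaked table would reveal.

    For the unsalted table this is less than the number of users whenever
    passwords are shared; for the salted table it always equals the user count.
    """
    return len(set(table.values()))


if __name__ == "__main__":
    weak = hash_table(SAMPLE_USERS, salted=False)
    strong = hash_table(SAMPLE_USERS, salted=True)
    print("unsalted: users =", len(weak), "distinct digests =", distinct_digests(weak))
    print("salted:   users =", len(strong), "distinct digests =", distinct_digests(strong))
    print("carol logs in:", verify("hunter2", strong["carol"]))
    print("wrong password:", verify("hunter3", strong["carol"]))
```

Run it directly and the unsalted table shows two distinct digests for three users, giving away that alice and bob share a password, while the salted table shows three. The record format is a common self-describing convention; real deployments should prefer a library that implements it (or a memory-hard scheme) rather than hand-rolling the parsing.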

Thursday, March 7, 2013

Samsung KNOX - security by obscurity?

Samsung is finally getting serious about security. Most people don't realize that Apple has had it for a while. I blogged about it a few months ago. One of the cons of Apple's solution was the lack of a mobile device management (MDM) solution of its own. Samsung KNOX seems to have some part of that baked in while relying on "enterprise preferred MDM vendor solution" to complete the solution.

It is not clear to me if KNOX is as good as iOS. It is nice that the files are encrypted, but that is of no use if the keys are easily accessed by an adversary, and it is not clear how they are stored in the KNOX design. Apple's design is good: keys are generated randomly at the factory and stored securely in the chip. If KNOX doesn't get this right, there is no value in its MDM or other security features. Until Samsung documents that part openly, I would call it security by obscurity... or security by marcom (marketing communications) :-)