Fixing C's Biggest Mistake
Don Allen
donaldcallen at gmail.com
Thu Jan 12 03:16:24 UTC 2023
On Wednesday, 11 January 2023 at 23:39:50 UTC, Walter Bright
wrote:
> On 1/11/2023 5:35 AM, Don Allen wrote:
>> 1. Steal your password
>> 2. Produce the "secret key", which they won't be able to
>> 3. Get past 2FA, which they won't be able to
>
>
> Those are all good things. But it doesn't help you if you
> download a trojan version of the manager, or a trojan
> masquerading as an update. I've also seen several schemes that
> outmaneuver 2FA.
The safety 1Password doesn't depend on 2FA alone. A hacker has to
get through three barriers.
>
> Allow me to explain the framing. At Boeing, it was never "that
> part cannot fail". It is always framed as "when that part
> fails, how do we land safely?"
>
> So, *when* your password manager fails, what are you going to
> do about it?
Maybe nothing, since these packages are designed using the Boeing
approach: try your damnedest to fail safe.
LastPass just did fail. They had a security breach months ago.
That's where my passwords were at the time. Have I seen any
evidence that my accounts have been compromised? Absolutely not.
To what do I attribute that? My use of long-enough random
passwords drawn from a big-enough character set. And the
effectiveness of AES256. And the fact that I have 2FA enabled on
all sensitive accounts were it is optional, e.g., Amazon. I moved
my passwords to 1Password for the simple reason, mentioned in an
earlier post, because the LastPass management handled the
situation dishonestly. I prefer not to give my business to such
people.
>
> I'm not singling you out, I'm trying to make a point. Far too
> many software developers develop a hubris that they can write
> software that cannot fail. Unfortunately, usually someone else
> is going to have to pay for that mistake.
Yes, that's true. I don't see the relevance to this discussion. I
am making an educated guess that password managers are safe
enough to use, not that they are perfect. Just like you make the
same educated guess when you get on an airplane that Boeing or
Airbus or Embraer knew what it was doing when it built the
airplane, the people in the cockpit are competent, especially in
an emergency (sometimes you get a Sullenberger, sometimes you get
a Pierre Bodin (AF447), or the Asiana 214 pilot who couldn't
hand-fly a landing in perfect VFR conditions, or the guy in
Buffalo who responded to a stall-warning by pulling back while
his co-pilot retracted the flaps), and ATC doesn't screw up. It's
a damned good system, but it's not perfect. Same thing exactly.
More information about the Digitalmars-d
mailing list