Fixing C's Biggest Mistake

Don Allen donaldcallen at gmail.com
Thu Jan 12 03:16:24 UTC 2023 

On Wednesday, 11 January 2023 at 23:39:50 UTC, Walter Bright 
wrote:
> On 1/11/2023 5:35 AM, Don Allen wrote:
>> 1. Steal your password
>> 2. Produce the "secret key", which they won't be able to
>> 3. Get past 2FA, which they won't be able to
>
>
> Those are all good things. But it doesn't help you if you 
> download a trojan version of the manager, or a trojan 
> masquerading as an update. I've also seen several schemes that 
> outmaneuver 2FA.

The safety 1Password doesn't depend on 2FA alone. A hacker has to 
get through three barriers.

>
> Allow me to explain the framing. At Boeing, it was never "that 
> part cannot fail". It is always framed as "when that part 
> fails, how do we land safely?"
>
> So, *when* your password manager fails, what are you going to 
> do about it?

Maybe nothing, since these packages are designed using the Boeing 
approach: try your damnedest to fail safe.

LastPass just did fail. They had a security breach months ago. 
That's where my passwords were at the time. Have I seen any 
evidence that my accounts have been compromised? Absolutely not. 
To what do I attribute that? My use of long-enough random 
passwords drawn from a big-enough character set. And the 
effectiveness of AES256. And the fact that I have 2FA enabled on 
all sensitive accounts were it is optional, e.g., Amazon. I moved 
my passwords to 1Password for the simple reason, mentioned in an 
earlier post, because the LastPass management handled the 
situation dishonestly. I prefer not to give my business to such 
people.

>
> I'm not singling you out, I'm trying to make a point. Far too 
> many software developers develop a hubris that they can write 
> software that cannot fail. Unfortunately, usually someone else 
> is going to have to pay for that mistake.

Yes, that's true. I don't see the relevance to this discussion. I 
am making an educated guess that password managers are safe 
enough to use, not that they are perfect. Just like you make the 
same educated guess when you get on an airplane that Boeing or 
Airbus or Embraer knew what it was doing when it built the 
airplane, the people in the cockpit are competent, especially in 
an emergency (sometimes you get a Sullenberger, sometimes you get 
a Pierre Bodin (AF447), or the Asiana 214 pilot who couldn't 
hand-fly a landing in perfect VFR conditions, or the guy in 
Buffalo who responded to a stall-warning by pulling back while 
his co-pilot retracted the flaps), and ATC doesn't screw up. It's 
a damned good system, but it's not perfect. Same thing exactly.

More information about the Digitalmars-d mailing list