Language Selection

English French German Italian Portuguese Spanish

GNOME Keyring

Filed under
Software
Security

For the past week or so, people have been talking about a “security issue” in Seahorse. This sums up my opinion on the matter:

This isn't a security issue, and there is no good way to fix it.

A password managing daemon, such as GNOME Keyring, increases the security of stored passwords for the following reasons:

  • Passwords are stored in a database that uses real encryption, not just an obfuscation scheme
  • A single code base needs to be audited to make sure no vulnerabilities exist in the encryption algorithms that are being used
  • The database is protected by a password that is known only to the user who unlocks it
  • Since the database is encrypted, no other user or bootable CD can recover the stored passwords if the unlock password is not known

So, if GNOME Keyring increases the security of user credentials, why can you see your passwords exposed in plain text when you open Seahorse? Because you've unlocked the keyring using your login password.

Full Post




More in Tux Machines

Why and how I became a software engineer

Throughout my experiences, the fascinating weeks I'd spent writing out DOS commands remained a prominent influence, bleeding into little side projects and occupying valuable study time. As soon as Geocities became available to all Yahoo! Users, I created a website where I published blurry pictures that I'd taken on a tiny digital camera. I created websites for free, helped friends and family fix issues they had with their computers, and created a library database for a church. This meant that I was always researching and trying to find more information about how things could be made better. The Internet gods blessed me and open source fell into my lap. Suddenly, 30-day trials and restrictive licenses became a ghost of computing past. I could continue to create using GIMP, Inkscape, and OpenOffice. Read more

Linux Kernel 3.18.32 LTS Released with Btrfs, EXT4, ARM, x86, and PA-RISC Fixes

Immediately after announcing today the release of Linux kernel 4.1.23 LTS, and after informing us yesterday about the availability of Linux kernel 3.12.59 LTS, kernel developer Sasha Levin now published details about Linux kernel 3.18.32 LTS. Read more

Linux greybeards release beta of systemd-free Debian fork

The effort to create a systemd-free Debian fork has borne fruit, with a beta of “Devuan Jessie” appearing in the wild. Devuan came into being after a rebellion by a self-described “Veteran Unix Admin collective” argued that Debian had betrayed its roots and was becoming too desktop-oriented. The item to which they objected most vigorously was the inclusion of the systemd bootloader. The rebels therefore decided to fork Debian and “preserve Init freedom”. The group renamed itself and its distribution “Devuan” and got work, promising a fork that looked, felt, and quacked like Debian in all regards other than imposing systemd as the default Init option. Read more

GNOME Builder 3.20.2 Arrives with LLVM 3.8, FreeBSD and OpenBSD Support

The developers behind the GNOME Builder IDE (Integrated Development Environment) pushed earlier to updates of the software to the stable and devel channels, GNOME Build 3.20.2 and 3.21.1. Read more