[Discuss] Yesterday's Cloudflare News and Online Password Managers...
Kent Borg
kentborg at borg.org
Fri Feb 24 08:18:08 EST 2017
Did you know that some software has bugs? It's true!
Yesterday's Cloudflare bug ("cloudbleed") leaked lots of kinds of data.
Including data from an unnamed password manager. No! (Yes.)
https://www.theregister.co.uk/2017/02/24/cloudbleed_buffer_overflow_bug_spaffs_personal_data/
Again: When choosing a password manager (when putting all your eggs in
one basket), look for the one that is the most manual, with the fewest
convenience features (such as auto-fill or being on online service, say).
Your password manager *will* have bugs.
Choose one that is most conservative, most isolated from the outside
world, one that requires you be in the middle of every dispensing of a
password. Then that inevitable bug (only one?) won't matter so much.
Or, you don't have to do this. You could go with one that just takes
care of everything for you, sit back, relax...and wait for the bad news
that you need to rebuild your life. Maybe that news never comes, but
yesterday's news suggests otherwise.
There will be bugs.
-kb, the Kent with bad news.
More information about the Discuss
mailing list