Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Yesterday's Cloudflare News and Online Password Managers...



Did you know that some software has bugs? It's true!

Yesterday's Cloudflare bug ("cloudbleed") leaked lots of kinds of data. 
Including data from an unnamed password manager. No! (Yes.)

https://www.theregister.co.uk/2017/02/24/cloudbleed_buffer_overflow_bug_spaffs_personal_data/

Again: When choosing a password manager (when putting all your eggs in 
one basket), look for the one that is the most manual, with the fewest 
convenience features (such as auto-fill or being on online service, say).

Your password manager *will* have bugs.

Choose one that is most conservative, most isolated from the outside 
world, one that requires you be in the middle of every dispensing of a 
password. Then that inevitable bug (only one?) won't matter so much.

Or, you don't have to do this. You could go with one that just takes 
care of everything for you, sit back, relax...and wait for the bad news 
that you need to rebuild your life. Maybe that news never comes, but 
yesterday's news suggests otherwise.

There will be bugs.

-kb, the Kent with bad news.





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org