[Cryptography] Security weakness in iCloud keychain

Kent Borg kentborg at borg.org
Fri May 4 10:19:19 EDT 2018 

On 05/04/2018 02:35 AM, Ron Garret wrote:
> I actually tried that [...]
>
> I turned off [...]
>
> Then I turned [...]
>
> I tried two or three times to [...]
>
> Further investigation will [...]

Exactly my point.

Apple is about as mainstream as you can get, you aren't an idiot, and I 
don't think you did something wildly outside the envelope, yet you are 
having these problems.

Password management software is software, therefore it WILL have 
bugs--there is no way to avoid that. Password management software is 
also extremely sensitive, it holds, by definition, the most sensitive 
computer information possible: the "nuclear codes" to your life. This is 
a problem. Your choice should be very careful, this isn't just the 
latest game everyone is playing so you download it, too.

Password management needs to be as simple as possible. Any password 
management software needs as few automatic convenience features as 
possible, with the smallest and cleanest system boundary as possible--so 
there will be some hope of securing it.

Competitive marketing features are an enemy here. It needs to come from 
a trusted source whose motivation is your security not the whim of the 
current marketing and management of some company. It needs to come from 
smart programmers who are paranoid about security holes and buffer 
overflows and carefully sanitized input, etc. (Oh, and *leaks* of your 
passwords aren't the only risk. *Loss* of your passwords is not a great 
thing to happen to you, either.)

And once you select this mythical conservative program, you need 
hardware and an OS on which to run it. End-point security is really 
hard, if some spyware manages to get on your machine and target your 
password management software, you are toast.

Picking secure software and running it on a secure machine is something 
very, very few people are capable of, getting it wrong in this case has 
serious consequences, therefore most people should not do this. Most 
people should manage passwords with paper and pencil. But that's not 
sexy and high tech, and the experts all disagree with me.

A breach that exposes your Twitter password is not such a big thing for 
you. Twitter is pretty competent, yet this still happened to them. A 
breach that exposes every password in someone's life (or many persons 
lives) is rather worse those persons. This is going to happen.

To appropriate an old cliché: We have a fad of everyone getting 
elaborate and fragile "baskets"--of just a few designs--and putting all 
their "eggs" in these baskets. This is not going to end well.

But the experts all say I am wrong.

-kb, the Kent who is shouting into the wind.

More information about the cryptography mailing list