project idea: portable password safe

EdorFaus edorfaus at xepher.net
Tue Sep 10 21:45:11 EDT 2013


On 09/11/2013 02:51 AM, Ron K. Jeffries wrote:
> Given recent information from Mr. Snowden, the concept of "trusted PC"
> seems so 1980s.

Well, if you have a PC from the 1980s that you've never connected to the 
Internet, I guess that might qualify as one..? :)

More seriously though, I guess that's just all the more reason to 
include some way of getting the passwords into/out of the device without 
having to trust a PC, and also having some way of ensuring that the PC 
can't read/write arbitrary passwords even if you connect the device to it.

That is, with that setting active, the PC should only be able to get 
passwords that you explicitly and directly (not via the PC) ask the 
device to send to it, as if it was just a simple keyboard. The PC 
shouldn't even be able to get a list of saved passwords.

Or, alternately, the device could behave as if the write lock was off, 
except that all reads/writes goes to a separate jailed section that you 
can control independently of the "real" section... If done properly, any 
malware on the PC should not be able to distinguish that from a device 
that really only contains the passwords it's allowed to see anyway 
(because you're using them).

I suspect that would be harder to implement safely, though, so it has 
more potential for bugs (including info-leak bugs) than simply disabling 
all access and pretending to be just a keyboard.

-Frode



More information about the discussion mailing list


interactive