nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google uploading your plain text passwords

From: Michael Thomas <mike () mtcc com>
Date: Fri, 11 Jun 2021 13:06:42 -0700
On Fri, Jun 11, 2021 at 12:01 PM William Herrin <bill () herrin us> wrote:


On Fri, Jun 11, 2021 at 10:27 AM Michael Thomas <mike () mtcc com> wrote:

Isn't that what lots of password managers do? I understand that one of

them syncs point to point, but that has the downside that it probably needs
to be on the same subnet.

It's exactly what lots of password managers with browser extensions
do. I don't personally use them because I don't want my passwords
reversibly stored on a computer that I don't directly control. I have
no great philosophical problem with their existence and use by those
who want them, I just don't want them for myself.



Well, browser extensions in and of themselves scare the living hell out of
me.  It really surprises me that they aren't a major attack vector and in
the news all of the time.

But yes, I agree that even encrypted they are a *very* tempting target for
hackers, and especially foreign governments. A breach would mean that
everybody is instantly screwed since they don't have to break into
individual computers, install malware, etc.

Mike
Previous By Date Next
Previous By Thread Next

Current thread: