[Passwordsafe-devel] Semi-automatic update option?
Popular easy-to-use and secure password manager
Brought to you by:
ronys
From: ronys <ro...@gm...> - 2007-09-15 11:44:23
|
Hi, Users have been asking for an automatic update mechanism for = PasswordSafe, so I've begun thinking on how to implement it: I've never liked applications that take the liberty of connecting a = server without asking me, to check for updates and who knows what else. = So here's how I'd go about it for PasswordSafe: - The Help->About dialog would have a "check for update" button. This = button will initiate a connection (described in a minute) IF AND ONLY IF = there's no "open" database, that is, there's no sensitive data in the = application's memory. My main worry here is that an attacker can do a = man-in-the-middle attack and find some kind of exploit (e.g., buffer = overflow) to access and download sensitive data. - The update button will open a hardcoded URL, something like = "https://passwordsafe.sf.net/latest.txt" This will have the version = information for the latest & greatest, and a URL for downloading it. - I'm wondering if it's worth adding signature verification capability, = so that the downloaded version can be verified as authentic. On one = hand, this is easily subverted if the attacker replaces the victim's = original version with one that fakes the validity check, on the other = hand, if the attacker can do this, then the attacker can already do what = he wants with the user's data, so the validity check is the least of his = worries... I'd be very happy to get comments/criticism/suggestions on the above. Cheers, Rony |