this post was submitted on 06 Jul 2024
483 points (94.5% liked)

Privacy

32482 readers
290 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 42 points 5 months ago (3 children)

You. Don't. Store. Secrets. In. Plaintext.

SSH stores the secret keys in plaintext too. In a home dir accessible only by the owning user.

I won't speak about Windows but on Linux and other Unix systems the presumption is that if your home dir is compromised you're fucked anyway. Effort should be spent on actually protecting access to the home personal files not on security theater.

[–] [email protected] 9 points 5 months ago

Kinda expected the SSH key argument. The difference is the average user group.

The average dude with a SSH key that's used for more than their RPi knows a bit about security, encryption and opsec. They would have a passphrase and/or hardening mechanisms for their system and network in place. They know their risks and potential attack vectors.

The average dude who downloads a desktop app for a messenger that advertises to be secure and E2EE encrypted probably won't assume that any process might just wire tap their whole "encrypted" communications.

Let's not forget that the threat model has changed by a lot in the last years, and a lot of effort went into providing additional security measures and best practices. Using a secure credential store, additional encryption and not storing plaintext secrets are a few simple ones of those. And sure, on Linux the SSH key is still a plaintext file. But it's a deliberate decision of you to keep it as plaintext. You can at least encrypt with a passphrase. You can use the actual working file permission model of Linux and SSH will refuse to use your key with loose permissions. You would do the same on Windows and Mac and use a credential store and an agent to securely store and use your keys.

Just because your SSH key is a plaintext file and the presumption of a secure home dir, you still wouldn't do a ~/passwords.txt.

[–] [email protected] 9 points 5 months ago (3 children)

Not true, SSH keys need their passphrase to be used. If you don't set one, that's on you.

[–] [email protected] 17 points 5 months ago* (last edited 5 months ago) (1 children)

Come on, 95% of users don't set passwords on their ssh keys

[–] [email protected] 5 points 5 months ago (1 children)

Where are these stays from lmao.

[–] [email protected] 5 points 5 months ago (1 children)
[–] [email protected] 4 points 5 months ago

You can count me too

[–] [email protected] 10 points 5 months ago

Well yes, but also how would users react if they had to type in their passphrase every time they open the app? This is also exactly what we're giving up everywhere else by clicking 'remember this device'.

[–] [email protected] 2 points 5 months ago

If someone gets access they can delete your keys, or set up something that can intercept your keys in other ways.

The security of data at rest is just one piece of the puzzle. In many systems the access to the data is considered much more important than whether the data itself is encrypted in one particular scenario.

[–] [email protected] 0 points 5 months ago

SSH has encrypted keys