Key for chromium's encrypted cookies store in Linux is “peanuts”(code.google.com) |
Key for chromium's encrypted cookies store in Linux is “peanuts”(code.google.com) |
https://code.google.com/p/chromium/wiki/LinuxPasswordStorage
But yeah, it pretty much looks for any sort of secure credential manager and falls back to the fixed key only when nothing is available.
There's so many blurry lines there. I agree that a secret store is best done as a system level service, but it's so hard to standardize on one api, and yet so easy for a shitty one to become de facto (I.e. X.org).
No, the best it could do is to have a master password, provided at launch.
I'm really concerned about the extent to which neither Google nor Mozilla actually cares about user security. No plaintext password should ever live somewhere outside of the user's head; no password encrypted with a user-memorable password should live outside of a computer under the user's physical control. Thus, passwords (and other private data) on remote systems should always be encrypted with secure keys, themselves generated on the user's device and encrypted on his device with his memorable password.
The facts that by default Google will store your website and WiFi passwords (along with your emails and pictures) in plaintext on their servers, and that Mozilla utterly destroyed the security of their sync system, are utterly sickening.
You're going to need to qualify that statement.
> Mozilla utterly destroyed the security of their sync system
You're going to need to qualify that statement.
Mozilla used to be different. However, when Brendan was purged, first doubts may have arisen. Now that we also see cyber-bully Klabnik on their payroll, the probability has risen sharply that Mozilla has been successfully subverted into a political pressure group.
Since Mozilla now is enrolled in support of the dominant ideology, it has no incentive for supporting privacy anymore, either: The dominant ideology wants minority opinion holders to be outed and ostracised.
Just over half of those participating have installed Gnome/KDE/Cinnamon
https://qa.debian.org/popcon-graph.php?packages=gnome-shell%...
And it looks as if about a quarter totally are using Gnome/KDE/Cinnamon regularity (rest could be switched off of course!)
https://qa.debian.org/popcon-graph.php?packages=gnome-shell%...
Popcon statistics are notoriously hard to interpret though so a large pinch of salt needed.
If an attacker can read the file the cookies are stored in, you have already lost.
It even mentions "obfuscation" - which might be a slight obstacle if this was closed-source - but Chromium is open-source.
For example if a sysadmin is investigating a problem they're less likely to accidentally see a user's data in human-readable form, it also provides a level of defence against unsophisticated attackers.
Password is: "peanuts" Salt is: "saltysalt" Algorithm used: AES-128-CBC The number of KDF iterations is: 1
Edit: Indicate that no. of iterations is for the Key Derivation Function
The salt doesn't really need to be secret, as it is only there to make an attacker work harder. However, the existence of a known, hardcoded salt means that an attacker can generate rainbow tables specifically for cracking these cookies, so the salt isn't really useful here.
The application specific "master password" is more of an anti-pattern for effective credential storage. The most glaring issue is that user friction is so high that it's rarely ever enabled, because it's just too inconvenient and confusing for most people. But beyond that it has the weaknesses typical to any credential manager not deeply integrated into the OS (e.g. credential management is handled entirely in the user's context, management is inconsistent between applications, etc.).
The only advantage system-level password storage has is when the attacker e.g. wants to get the passwords from a forensic image or such.
this doesn't really protect much from other users since other users don't have access to the file in the first place, and doesn't protect from the user that owns the browser process.
which is probably why the bug still exists, adding a randomly generated key only adds another easily passable obstacle
> // Salt for Symmetric key derivation.
> const char kSalt[] = "saltysalt";
In seriousness, what gives!? Why are these so simple? Surely a development base as large as Chromium's could pick up on something like this.
Chrome must be able to read its cookies, so cookies file must be readable/writeable for user vbezhenar. And there are high chances that I'll run malware program under this user vbezhenar too, so it can read cookies file, but it won't be able to access encryption password.
Actually, the politicalization of Mozilla means that everything technical will lose priority over time.
> You're going to need to qualify that statement.
They store that information such that they can read it. Yes, it may actually be encrypted with a key they have access to, but it's effectively plaintext because they can read it.
> > Mozilla utterly destroyed the security of their sync system
> You're going to need to qualify that statement.
https://blog.mozilla.org/services/2014/04/30/firefox-syncs-n...
Your master key is stored on their servers, encrypted with a key derived from your password. That's pretty bad already, since user-memorable passwords are highly susceptible to guessing. It gets worse though, since they use Mozilla-served JavaScript to log you into your Firefox account—which means Mozilla could choose to serve someone different JavaScript and steal his password.
All it would take is a court order, and they could be forced to do it.
If you don't give it a key, it does the best it can with an impossible problem.
And if you set a master password for Chrome mobile, you can still access everything without this password on desktop chrome, and in reverse.
As you are logged into your Google account anyway, though, they should just use your account identifier as seed for the key if no other option is available.
In GNOME,the wallet is opened by the login manager and that means all the contents of the wallet are available to all processes run from the logged in user account.
KDE refused to have the above behavior of the login manager opening the wallet and hence after login,there must be atleast one application that will have to open the wallet and then the behavior will be the same as libsecret.
Lots of people who use these two storage systems are not aware of the above.
I dont like the above behavior as i want each application to manage its own private wallet and i created lxqt_wallet[1] to give me the behavior i want.
The project also supports libsecret and KWallet for those who prefer these backends.
Yes, its insecure to have the user session act as an unlock on a cryptographic store like that. It looks like lxqt_wallet is even worse on that front in terms of UX - yes, its more secure for every program to have its own secret stores and require prompts to unlock them, but average desktop users just want to login and have that unlock their secret stores, pretty much like Gnome does it.
What you really want is MAC on secrets. Applications that add to the secrets database get implicit access to those secrets in the future, but first access should require user permission before an application can start accessing your credentials for other accounts. You don't really need anyone to reinput a password, just prompt users "Kfoo wants to access your account neckbeard@gmail.com, allow?" with allow / deny choices, or make it an option in the wallet GUI.
You could probably even integrate it into current MAC solutions. Make it a VFS somewhere in var, and have your distro ship sane defaults like letting the sanctioned im client (both are based off telepathy nowadays) access the secrets store on a whitelist of domains, like @gmail, @chat.facebook.com, etc.
lxqt_wallet supports 3 backends: kwallet,libsecret and internal one that gives the behavior i explained above.
Each backend has its pro and cons and the project lets the user pick which one works best for them.
There need to be a general purpose secure storage system that can accommodate users who wish to not have their secrets that are meant to be used by only one application be exposed to all other applications.