clipman secure transfer
Mike Massonnet
mmassonnet at xfce.org
Fri May 24 09:48:30 CEST 2013
Hey Liviu,
I think what might be a good solution is a blacklist system
I opened two bugs:
https://bugzilla.xfce.org/show_bug.cgi?id=10113
https://bugzilla.xfce.org/show_bug.cgi?id=10112
In this way the passwords for example would not appear in the history.
WDYT
Mike
2012/5/10 Liviu Andronic <landronimirc at gmail.com>:
> Dear Mike
> You are the maintainer of Clipman and I'm writing you off-line because
> this email is the subject of a more farfetched request and I'd like to
> discuss it in private first.
>
> I read the docs on Clipman [1] and to my understanding any string
> selected and copied gets stored in at least two places: the primary
> and the default clipboards. This arrangement works fine for normal
> usage, but I'm not sure whether it's appropriate for sensitive data
> such as passwords.
>
> Recently I've been introduced to PasswordMaker [2], which proposes an
> innovative way to generate and use secure passwords. In a nutshell, I
> choose a strong Master Password and then I use PasswordMaker to
> generate, via hashing algorithms, very long and unique passwords which
> cannot---computationally infeasible---reveal the MP. There is however
> one security detail that bugs me:
> Depending on the PasswordMaker Edition used, one needs to *copy* and
> paste a given password for a specific account. This means that the
> password is being shared with a completely unsecured medium---the
> clipboard.
>
> I ranted on this issue on their forums [3], but this security concern
> doesn't seem to be taken seriously by the devels. Here's where Clipman
> could come in, by providing a 'Secure transfer' mode. What follows is
> a proof-of-point design:
> - add a 'Secure transfer' checkbox in the interface
> - when activated, Clipman would forcefully stop putting any selected
> or copied string into either of the two X11 clipboards
> - it would take a selected or copied string and store it within an
> internal buffer, in memory, potentially encrypted
> - would make it available for a single paste operation
> - after which the contents of the 'secure' buffer get cleared (for good)
>
> Do you think that this would be feasible? Would it have a place in
> Clipman, and would you have any interest in providing such a feature?
> Should I file an enhancement request? Please let me know.
>
> Regards
> Liviu
>
> [1] http://docs.xfce.org/extra/clipman/start
> [2] http://passwordmaker.org/
> [3] http://forums.passwordmaker.org/index.php/topic,1751.0.html
>
>
> --
> Do you know how to read?
> http://www.alienetworks.com/srtest.cfm
> http://goodies.xfce.org/projects/applications/xfce4-dict#speed-reader
> Do you know how to write?
> http://garbl.home.comcast.net/~garbl/stylemanual/e.htm#e-mail
More information about the Xfce
mailing list