In the world of bad ideas we have seen a remarkable array. There was hair in a can, the car-b-q and the pocket fisherman, to name a few. Sure, they have camp value, but you wouldn’t rely on any of them as a matter of practice. So why, then, do people hand over their passwords for chocolate? Or, as in this case, for the convenience of an online service?
Maybe that’s just it.
People have so many passwords that, in a lot of cases, they are falling out of their ears. Passwords are frequently viewed by the average user as little more than an irritant. They’re not given the importance that people might assign to a banking PIN. This type of thinking inevitably leads to sticky notes on computers and inane passwords such as “password”, “letmein” and “secret”.
Today (Monday) I read about a service called Clipperz on Web Worker Daily. This is an online service that will store your passwords for you. Maybe my professional paranoia from the last decade-plus as a security operator has rotted my brain, but how is this realistically a good idea?
No ill will intended to the folks at Clipperz. I’m sure they have all the right intentions and have taken proper steps to ensure security.
From Web Worker:
Obviously, security and privacy are a consideration when using such a service. I liked that no personally identifying information is required for registration, not even an email address. On the security side, Clipperz says that all data is encrypted or decrypted locally at the browser level and that even your secure passphrase is never saved or sent to the server. They make the source code available for security review and I found no indication from anyone who questioned their methods.
That isn’t the part that gets me. It’s the message that this conveys to the user. Sure, you don’t know me, but trust me.
I’ll store your password for you.
Want some chocolate?
Entrusting Joe Schmoe with your credentials is bad in a “Don’t cross the streams” kind of way. From the FAQ:
“Clipperz exploits the capabilities of modern browsers to efficiently execute Javascript code. All your private information is locally encrypted before storing it on Clipperz servers. So you don’t need to trust Clipperz because you are just giving Clipperz a bunch of scrambled and twisted bits.”
Not only are they telling people to give up their goodies, they’re conditioning them that they don’t even need to trust them. A bunch of scrambled and twisted bits indeed…
@ CJ
“exploits the capabilities” I think they might be better served with “leverages the capabilities”
But hey, what do I know.
Ha!
@ Dave,
Clipperz is trying to promote “zero-knowledge web applications” as defined in this post:
http://www.clipperz.com/users/marco/blog/2007/08/24/anatomy_zero_knowledge_web_application
We are fully aware that it’s a counterintuitive concept and we deliberately applied it to the most sensitive kind of data: passwords!
But we are completely transparent: we provide the source code and the tools to perform a security review of the whole application.
Furthermore, a few days ago we announced Clipperz Community Edition: a downloadable package that offers the same features and functionality as the hosted online service. Now everyone can host the Clipperz password manager on any MySQL/PHP enabled server.
http://www.clipperz.com/open_source/clipperz_community_edition
Most importantly Clipperz is released under an open source license. We opted for AGPLv3, recently approved by OSI, since it solves the “ASP loophole” in GPL.
(Btw, we had to move from Google Code hosting to SourceForge because AGPL is not welcome at Google!!!)
http://www.clipperz.com/users/marco/blog/2008/04/04/clipperz_not_welcome_google_code
Feel free to contact me for any further information,
Marco
Clipperz co-founder
PS
(ed. note: changed the direction to the prev commenter)
@CJ@Dave Lewis Changed from “exploits” to “leverages”. Thanks!