-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-07-27 14:10, Anton Aylward wrote:
On 07/27/2015 07:45 AM, Carlos E. R. wrote:
When a laptop is stolen it is normally suspended/hibernated, and inside a bag or on a table, while the owner is somewhere else. Meaning that the screen is locked, so the thieve can not access the running system.
Why are you making that assumption?
Because that's what happens in real life. That's how I use my laptop.
In the novel, the real user was wheelchair bound. He was knocked unconscious (and killed) while using the machine.
Well, that's a percent of cases. They can also point at me with a gun and politely ask for my password and bank pin. Doesn't void my use pattern of my computer at all...
Personally I think that the idea of having a cleartext version available anywhere is a bad idea. If it matters that much there should be no cleartext version anywhere except in memory.
And that's where it will be. tmpfs is memory. A process ram can be read by another process with sufficient privileges. Read the GPG docs.
Of course all this is really a pole of crap, isn't it? You're not using those IMAP/POP passwords anywhere else are you?
No, but an attacker with access to a person email can request the password for many other services to be reset. A link is sent to the mail, click, change password. Even to banks. That's my issue. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlW2LjkACgkQja8UbcUWM1wB0gD+NT1LsO3WIFDW4gvuyrMws2za eL/dPvBgOwnoFytAuLUBAJRaFxs2q37jBTrx2CuqGKPyzK7r4I70mYcjQl3f4r+v =cBKd -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org