undefined | Better HN

0 pointsvenomsnake10y ago0 comments

Sending in plaintext is sloppy. You can have any protocol over loopback.

0 comments

And where would you store the keys for that communication in a way that an attacker with root privileges couldn't get it? "Encrypting" with keys available to the attacker is mere obfuscation. In this case, it would provide no extra security to customers; all it would do is lead them to believe that something is encrypted when it is merely obfuscated.

julie7878710y ago

Except that you can attack stored encryption secrets either off-line, or with the same privileges as the user.

If they are hard-coded in the binary, they can be extracted off-line by another use with the same binary. If they are generated at run-time, they have to be stored with permissions that grants the user access to their own resource.

There are programming techniques for sharing a file descriptor, but they aren't portable. That makes generating a keypair, then sharing an open file descriptor to the file containing the keypair impossible.

j / k navigate · click thread line to collapse

0 comments

jpgoldberg10y ago

julie7878710y ago

Except that you can attack stored encryption secrets either off-line, or with the same privileges as the user.

j / k navigate · click thread line to collapse