undefined | Better HN

0 pointsthayne5y ago0 comments

> Developers frequently store this stuff in plain text in their home directory or as environment variables

If you care about the security of these artifacts, why is their home directory (or their full disk) not encrypted? If they have access to the repository, they probably have artifacts downloaded on their laptops, so if the laptop is compromised, the artifacts are compromised anyway.

Edit:

Not saying temporary credentials are bad. But the reasons you gave seem a little suspect to me. A better reason is that you don't have to worry about invalidating the credentials when an employee stops working for you.

0 comments

sudhirj5y ago

The problem isn't encryption, let's assume everyone has full disk encryption turned on, so someone who steals your laptop can't access your data.

The problem is that your home directory is accessible to a ton of apps on your computer, and you have no idea what each of them is doing with that access. You also have no idea if any of them can be / are being exploited. The most recent case being Zoom – if that server they had running on localhost and responding to anyone on the laptop had file system access APIs (which is reasonable if Zoom had offered file sharing on calls) an attacker would have been able to read all your credentials.

Bnshsysjab5y ago

If you have an app on your computer that is controlled remotely you have _massive_ issues. Creds are stored for SSH, browser, probably heaps of other things too. If this is a serious security concern within your threat model you should be auditing every single package or isolating (docker, vms, Bare metal if you’re super tin foiled), anything short of that is fake security.

txcwpalpha5y ago

>Creds are stored for SSH, browser, probably heaps of other things too.

And ideally these credentials should have similar controls applied around them as well (only temporary, using passwords to unlock the SSH keys, etc). If you don't have that, that's your choice, but just because some of your credentials lack security controls is not a reason for other credentials to lack security controls, too.

> you should be auditing every single package or isolating (docker, vms, Bare metal if you’re super tin foiled), anything short of that is fake security.

Which is exactly the reason that many orgs do specifically audit every package and disallow unapproved software. But again, even if some of your desktop apps are allowed unaudited, that is not reason to lessen your security elsewhere.

1 more reply

thayneOP5y ago

In that case, the rogue app would have access to your temporary credentials anyway...

txcwpalpha5y ago

Yes, and of course that is bad, but it is not as bad as a rogue app having access to infinite life credentials.

j / k navigate · click thread line to collapse

0 pointsthayne5y ago0 comments

> Developers frequently store this stuff in plain text in their home directory or as environment variables

Edit:

0 comments

sudhirj5y ago

The problem isn't encryption, let's assume everyone has full disk encryption turned on, so someone who steals your laptop can't access your data.

Bnshsysjab5y ago

txcwpalpha5y ago

>Creds are stored for SSH, browser, probably heaps of other things too.

> you should be auditing every single package or isolating (docker, vms, Bare metal if you’re super tin foiled), anything short of that is fake security.

1 more reply

thayneOP5y ago

In that case, the rogue app would have access to your temporary credentials anyway...

txcwpalpha5y ago

Yes, and of course that is bad, but it is not as bad as a rogue app having access to infinite life credentials.

j / k navigate · click thread line to collapse