undefined | Better HN

0 pointsthrowawayffffas8mo ago0 comments

Even without copyable keys, if your friends and family can be tricked into pasting their plain text keys into a scam site, they can be tricked into pasting their encrypted keys and their associated password to a scam site.

The point of encryption at rest is to protect your data if your device is accessed by a third party. Not from user action.

0 comments

3 comments · 1 top-level

joshuamorton8mo ago· 2 in thread

> Even without copyable keys, if your friends and family can be tricked into pasting their plain text keys into a scam site, they can be tricked into pasting their encrypted keys and their associated password to a scam site.

The point is that data shouldn't really be copyable, but a backup should at least be encrypted.

Ideally you don't have or need a key transfer mechanism, because sites have the ability to register multiple keys and you add or remove devices by adding or removing new keys, and you recover a backup to the same passkey-manager.

"Please upload the backup of your password manager and enter the root password" is not a thing you should ever do, and reasonable users, even technically incompetent ones understand that. The only people who want that behavior to be possible are weird power users whose desire makes it easier for anyone who uses such a password-manager to be phished.

Like, I've had this conversation before on this site, and my personal rule of "I should never copy a private key, and I should certainly never copy a private key between devices or onto a cloud" remains something I'm confident in. If I need a private key used across devices, I can trust it to a key-management scheme like the ones built into Signal or the various passkey managers I use. I don't want to manually copy my signal cypher-data between devices either!

throwawayffffasOP8mo ago

> I don't want to manually copy my signal cypher-data between devices either!

Yes you. Others do. Whenever I switch laptops the first thing to do is copy over all ssh keys. I am not going to roll a new key and add it to 100 servers.

A couple of years back I switched password managers, I didn't go over 1000 sites and changed all my passwords, my password manager exported a plaintext file and I had it imported in the other after a small transformation step.

> "Please upload the backup of your password manager and enter the root password" is not a thing you should ever do, and reasonable users, even technically incompetent ones understand that.

No they don't and if they did they would also understand not to upload their plaintext credentials.

Security for the lowest denominator cannot be used as an excuse for locked down computing for everyone or at least it shouldn't. At some point we have to put on our big boy/girl pants and know the implications of what we are doing.

joshuamorton8mo ago

> A couple of years back I switched password managers, I didn't go over 1000 sites and changed all my passwords, my password manager exported a plaintext file and I had it imported in the other after a small transformation step.

And, modulo the "plaintext" part, I think this is a reasonable usecase. It's equivalent to the "backup" case. I transfer an encrypted blob between devices and decrypt it locally is reasonable.

> No they don't and if they did they would also understand not to upload their plaintext credentials.

Except that you have already stated that you have done exactly this, and you claim to know what you're doing!

1 more reply

j / k navigate · click thread line to collapse