undefined | Better HN

0 pointsastalwick12y ago0 comments

But it's not. Not THAT easy. I'm a developer, with a fair bit of experience, and I'm nowhere near the average defcon attendee. (Unless I'm badly overestimating their abilities).

My mom? She asked a shop owner, two days ago, 'do you have a, uh, online thing? You know, with the pictures?'

And yet, "Mom, experiment: type 'chrome://settings/passwords' in my browser and see how many passwords you can steal in 60 seconds".

0 comments

tptacek12y ago

You are badly overestimating their abilities, for instance by assuming that the typical Defcon attendee can code. We're talking past each other. Just take my word for it that bypassing the proposed "master password" is even easier than I've managed to make it sound.

j / k navigate · click thread line to collapse

0 pointsastalwick12y ago0 comments

But it's not. Not THAT easy. I'm a developer, with a fair bit of experience, and I'm nowhere near the average defcon attendee. (Unless I'm badly overestimating their abilities).

My mom? She asked a shop owner, two days ago, 'do you have a, uh, online thing? You know, with the pictures?'

And yet, "Mom, experiment: type 'chrome://settings/passwords' in my browser and see how many passwords you can steal in 60 seconds".

0 comments

tptacek12y ago

j / k navigate · click thread line to collapse