maemo.org - Talk


euanandrews 2010-02-08 11:11

Another Security Flaw?
 
I don't know if this has been found and discussed, or if this is the right place to bring it up, but this is something I just noticed...

I thought I would flash my N900, start fresh, and have done so...
One of the tools I used was the default N900 'Backup' app...

Brilliant app, restored everything...
- Contacts completely restored, including additional IM details
- Apps, remembered list, downloaded and installed
- Desktop, exactly how it was
- Website favorites
- RSS feeds
- System preferences
- Email and IM accounts
- Website logins and passwords

But then I thought, sooooo the backup app saved all my accounts and passwords then...
I had a look inside the 'backup' folder, had a look in a couple files, and sure enough, you can find and read files that include logins and passwords!

I did not look through them all, but one example is:
places.sqlite
Which is located in the backups\Backup\settings.zip\Root\home\user\.mozilla\microb folder.

Does the community know about this?
It should not be this easy to find accounts logins and passwords.

Discuss

ToJa92 2010-02-08 11:23

Re: Another Security Flaw?
 
places.sqlite is a Mozilla file and thus Mozilla should encrypt it, not Nokia. Sure, Nokia could rewrite the engine to encrypt it but that would probably slow down the phone. Doesn't adding a password to the backup make you safe enough?

Corwin 2010-02-08 11:28

Re: Another Security Flaw?
 
You could set a password for the backup. Do not know if this is really secure, though.

euanandrews 2010-02-08 11:40

Re: Another Security Flaw?
 
Ah...did not see or bother with the 'protect with password' in my first backup, valid point.

Carry on.

Rob1n 2010-02-08 11:41

Re: Another Security Flaw?
 
Quote:

Originally Posted by Corwin (Post 515972)
You could set a password for the backup. Do not know if this is really secure, though.

I'd guess this just sets a password on the zip files it produces, so will depend on how secure that is (IIRC, the latest zip format is pretty secure, but earlier ones weren't - and I've a suspicion that the open-source tools use the earlier format).

Time for some experimentation :)

Rob1n 2010-02-08 11:48

Re: Another Security Flaw?
 
Quote:

Originally Posted by Rob1n (Post 516012)
Time for some experimentation :)

And a test shows that it's not using zip encryption. The resulting files are still named .zip but aren't themselves zip files, presumably having been encrypted using an external mechanism.
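
The check described in this thread, as an added example that is not part of any post here: it classifies a backup file as a readable zip with exposed entries, a zip whose entries carry the encryption flag, or not a zip at all (the result reported above for password-protected backups). The function names and the sample archives are constructed for illustration and are not taken from the N900 Backup app.

```python
import io
import zipfile

AES_METHOD = 99  # compression-method value used by WinZip AES entries


def classify_backup(data: bytes) -> dict:
    """Report whether a backup blob is a readable zip and which entries are protected."""
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        # No zip structure found: the whole container may be encrypted by
        # another mechanism, or the file is simply damaged.
        return {"kind": "not-zip", "exposed": [], "protected": []}
    exposed, protected = [], []
    with zipfile.ZipFile(buf) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # general-purpose bit 0: entry is encrypted
                # Method 99 marks AES; anything else is typically the older zip scheme.
                scheme = "aes" if info.compress_type == AES_METHOD else "non-aes"
                protected.append((info.filename, scheme))
            else:
                exposed.append(info.filename)
    kind = "encrypted-zip" if protected and not exposed else "plain-zip"
    return {"kind": kind, "exposed": exposed, "protected": protected}


def make_sample_zip(encrypted_flag: bool = False) -> bytes:
    """Constructed sample: a one-entry archive shaped like the settings backup."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Root/home/user/.mozilla/microb/places.sqlite", b"constructed")
    raw = bytearray(buf.getvalue())
    if encrypted_flag:
        # Set bit 0 of the flag field in the central directory record only,
        # to imitate the metadata of a password-protected entry.
        cd = raw.rfind(b"PK\x01\x02")
        raw[cd + 8] |= 0x1
    return bytes(raw)


if __name__ == "__main__":
    print(classify_backup(make_sample_zip()))
    print(classify_backup(make_sample_zip(encrypted_flag=True)))
    print(classify_backup(bytes(range(256)) * 16))  # constructed opaque blob
```

A "not-zip" result only shows that the file has no zip structure; it says nothing about how strong the external protection is.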


All times are GMT.