[moneydance] moneydance-info Digest, Vol 59, Issue 5
Brian Juergensmeyer
brian at grokware.net
Tue Jun 10 09:19:12 EDT 2008
Hi, All,
----- "Steve Lessard" <MoneydanceUser at pigdawg.com> wrote:
> I can think of a few ways that the in-memory password could be
> serialized to disk (core dump on Linux, Unix & OSX or mini dump on
> Windows.) This may be on the more paranoid side of security, but is
>
> the in-memory password also encrypted?
>
> -SteveL
To be honest, I'd be more worried about an un-sanitized swap file than a core dump, but you're right: this is on the paranoid side. :)
I wouldn't think it would be too hard (using javax.crypto and friends) to get encryption in there. And I expect that, depending on his implementation, Sean will get the in-memory password encrypted for free once he gets the saved version of the password encrypted.
Even then, though, for the TRULY paranoid, there is a point that the password must exist in plaintext in memory (unless all of the banks receiving passwords from Moneydance are equipped to do AES decryption). So, you can't totally eliminate that attack vector. All you can do is minimize it.
Brian
--
Unix Mercenary - We're not happy until you're not happy.
More information about the moneydance-info
mailing list