Results 1 to 7 of 7

Thread: kwallet and security

  1. #1

    Default kwallet and security

    Heya,

    I read in a topic here that if you don't know about security and computers its not a good idea to use kwallet. I have NO clue about computer security!! So I'm guessing I shouldn't be using kwallet.

    How do I turn it off? Will it have any influence on my work? Meaning, kwallet has stored my log on info for these pages, when I use konqueror, it asked for passwords (for kwallet) when I established the wireless connection here at uni. Does that mean these things won't work?

    Daqar
    Acer TravelMate 7730G Intel C2D P8400, 4GB memory, OpenSUSE 12.3 w. KDE 64bit. 4 year of linux experience, 19 years of Windows experience.

  2. #2
    Join Date
    Jun 2008
    Location
    Berlin
    Posts
    2,061

    Default Re: kwallet and security

    I read in a topic here that if you don't know about security and computers its not a good idea to use kwallet.
    I find that to be a very strange opinion... could you point us to this very thread? KWallet is a password-manager, its function should be quite clear even for not so experienced users, so what extra knowledge could be needed to use it?

  3. #3

    Default Re: kwallet and security

    Quote Originally Posted by techwiz03 View Post
    my 2cw: Coming from a security based / paranoid environment, I can see and "on the surface" relate to his concerns. In the security sensitive industries Windows has long been touted as too insecure to be reasonably used without being governed by a secure server typically Linux. Smaller operations quite often lack the IT depts with the where with all to sheild the user systems. Seeing what you thought as publishing email addresses and showing the world master passwords is just as unnerving in Linux as when you are dealing with M$ ****.

    I see this OP as being so unnerved by the misconception possibly due to past experience of a M$ environment to be taking drastic action. It is GOOD that he posted this concern here where the knowledgeable can weigh in to dissolve or defuse the concerns for both this OP and others who might have similar concerns. Being concerned about safety is more important as time prevails.

    Using Kwallet IMHO is a very bad idea when you aren't strong on security understanding! Mail clients by nature are designed to make it easier for users to access email not only through the client but also to provide this ease of access to any user app that may need to send or receive email. If you don't want your email address shared with your other apps ... don't tell this info to the mail-client.

    Cheers

    Its taken from this thread:
    KDE vs good manners - Page 2 - openSUSE Forums

    Daqar
    Acer TravelMate 7730G Intel C2D P8400, 4GB memory, OpenSUSE 12.3 w. KDE 64bit. 4 year of linux experience, 19 years of Windows experience.

  4. #4
    Join Date
    Jun 2008
    Location
    Berlin
    Posts
    2,061

    Default Re: kwallet and security

    Hm, if you agree on this point of view (I personally do not) you could deactivate KWallet in KDEs systemsettings (in the "advanced"-tab). You will still be able to type each password yourself, of course, so it wouldn't decrease the functionality of your system, only the comfort (since you have to remember each password and type it every time one is needed).

  5. #5

    Default Re: kwallet and security

    I don't know if I agree with the statement. I know nothing of computer security. I don't know what risk, if any, I'm taking by using kwallet.

    So under the assumption that you know about computer security, maybe at least more than I do. Would you recommend using kwallet? With any precautions or other considerations?

    Daqar
    Acer TravelMate 7730G Intel C2D P8400, 4GB memory, OpenSUSE 12.3 w. KDE 64bit. 4 year of linux experience, 19 years of Windows experience.

  6. #6
    Join Date
    Jun 2008
    Location
    Berlin
    Posts
    2,061

    Default Re: kwallet and security

    I am using KWallet and have never seen any security related flaw in it. I think I know at least enough about security issues to be able to judge that. :) Honestly, I actually do not get techwiz03s point (for example I do not understand why he claims that KWallets master password is visible to "world" - this is just plain wrong, the master password and the single passwords are strongly encrypted and can not even be accessed by root).

  7. #7

    Default Re: kwallet and security

    So I guess I don't need to worry about that...good.

    Thanks for the advice !!

    Daqar
    Acer TravelMate 7730G Intel C2D P8400, 4GB memory, OpenSUSE 12.3 w. KDE 64bit. 4 year of linux experience, 19 years of Windows experience.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •