![]() In short, backdooring Linux is impractical, and for the same reasons so is backdooring OSS security software like KeePassX.īottom line: OSS should be viewed as more trustworthy than otherwise equivalent closed source software. In either event it doesn’t matter since the Linux kernel’s source code is freely available for auditing and, given the expertise of the community of kernel developers, it is frequently audited. Later his father suggested that he had been approached after all although I didn’t interpret it in such a definitive manner myself. Some coverage took this as a direct confirmation that they had approached him but he later clarified that it had been meant as a joke. ![]() There was some recent controversy surrounding the NSA and Linux in which, in response to a question about whether the NSA had approached him to insert a backdoor into the Linux kernel, Linus Torvalds jokingly nodded yes while saying no. OSS means that a piece of software can be audited by both the individual user and by the community as a whole this makes inserting backdoors or purposefully weakening security impractical, because even if you don’t have the expertise to audit the source code the community generally will. In the case of password management software or, more generally, any software you need to trust with your security and privacy, I argue that one should consider OSS before closed source alternatives - all other things being equal. There are a variety of viewpoints on the benefits or lack thereof of open source software (OSS). There are also mobile apps compatible with databases created with this software see KeePassDroid for Android or MiniKeePass for iOS. Like similar software and services, its purpose is to help the user maintain a secure and encrypted database of account credentials it includes a powerful built-in password generator among other features. It’s also my personal choice and I can comment on it from that perspective. ![]() KeePassX is a clone of the originally Windows-only KeePass software this version is noteworthy for being compatible with KeePass databases, cross-platform, and open source. I’ll be focusing on one particular choice but toward the end I’ll list some popular alternatives. This overview was originally part of my post on fixing shared password vulnerabilities but may be helpful to anyone interested in an overview of how password database software works.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |