MC passwords in images?
Andreas Raab
andreas.raab at gmx.de
Sat Nov 5 01:25:20 UTC 2005
Cees De Groot wrote:
> On 11/4/05, Andreas Raab <andreas.raab at gmx.de> wrote:
>
>>Please, stop trolling.
>>
>
> Hmm... I think he has a point there (and I do not think at all that
> he's trolling).
Then please enlighten me what the point was (besides spawning pointless
discussions ;-) The way I look at it it's a fact that we use images to
share. And I think we can agree that sensitive personal information
should never be shared (not even accidentally) without explicit consent.
If that's the case then no sensitive personal information like passwords
should ever be stored inside an image. Therefore the image is NOT a
reasonable place to store passwords.
> A 'Scrub&Save' entry in the world menu, and packages could register
> there to wipe out sensitive data. Wouldn't be a bad idea at all,
> better than having to pack up a whole christmas tree of files when you
> want to move an image around.
The "Scrub&Save" entry is completely missing the point unless you
*always* Scrub&Save - the issue I was having happened because somebody
asked me for an image, and I shared it without starting, checking, and
realizing that this image did indeed contain sensitive passwords. The
point here is that you never get bitten if you *do* think of checking it
to begin with - you always get bitten if you *don't* think of it.
Scrub&Save is great if you do think of it, but if you don't, it doesn't
matter. The net value for the cases that matter is precisely zero.
Cheers,
- Andreas
More information about the Squeak-dev
mailing list
|