|
|
Apps need unlocked keychain
I agree with you that Apple has definately overlooked a serious security issue here and should come up with a better model for protecting the keychain. Apparently the keychain has to be unlocked for applications to use it though. If I lock my keychain and then try to run an application which stores the password in the keychain (i.e. Entourage, Adium, iTools, etc) then when I run the application, it asks me for my keychain password so that it can get the stored password. Going back into the Keychain utility reveals that it is no longer locked. I am guessing that Apple's thinking is that if any application can access the stored passwords in the keychain, then any human can as well because the human could just write an application to access it. Therefore they just let the human access it directly. I call out to Apple to SERIOUSLY reconsider their security model here!!! Who uses their computer in a completly closed environment where random people are never walking by? Not me! I constantly think about what could happen if i left my computer sitting by itself for 5 minutes. For me, the best solution at this time is to not leave any important passwords in the Keychain. Furthermore, it is good security practice to have a password protected screen saver running. As far as fixing this problem though, it should not be that hard. Perhaps the keychain could be locked for everything except for an "acceptable application list." Furthermore, you should at least have to enter the keychain password to view the other passwords in the keychain. Finally, all keychain access should be logged so that people can see what's been going on in their system. I plead with you Apple, PLEASE CHANGE THIS!!
|
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|