Known issues

Release Description
unplanned
(build ?)
FFkeystore (future release)

    issues

    features

  • p53 secure input
    Normal input fields should somehow use EnableSecureEventInput, which was possible with Carbon events.
  • p56 PARANOID: double encryption
    Clear text is additionally encrypted with a smart card. This makes decryption a two-step process and the matching smart card mandatory.
  • p57 PARANOID: encrypted hash
    The checksum for the key store file is secured with a password. Any tampering with the key store file can therefore be detected, because the protected hash can only be calculated with the correct password.
0.2.0
(build ?)
FFkeystore (next release)

    issues

    features

  • p47 categorization
    There are now groups besides the default one in which passwords can be placed. The order of the groups can be controlled via drag & drop in the preferences window. The order of passwords within a group can be controlled with drag & drop within the main window. All selected passwords can be moved to one group.
0.1.0
(build 1)
FFkeystore (planned release)

    issues

  • p45 help missing in application
    There is no help in the application itself, only these online pages.
  • p46 auto layout wrong
    You can destroy the layout by resizing the windows; this needs to be fixed.
  • p51 true length of password
    While the key store password is being entered, its true length is revealed (you can count the number of tokens entered in the password field).
  • p52 core dumps
    The application must somehow prevent core dumps from being written (as these reveal your key store password).

    Note:
    It is not possible to securely detect whether the system is allowed to make core dumps at the kernel level (to do this, you would need a privileged user, and even then I'm not sure whether root is capable of hiding this). As a compromise I will check whether user-land dumps (i.e. dumps of the currently running application) are enabled and warn about it.
    However, keep in mind that it is still possible to get your clear text password by generating a kernel dump and analyzing it. Additionally, keep in mind that there are tools to send the kernel dump AWAY from the local machine. Try to keep your key store unlocked for as short a time as possible to minimize this risk (which is quite considerable, as it is the easiest attack on your encrypted data).
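
    The user-land check described in the note can be done with the POSIX per-process core limit. The following is an added example, not FFkeystore's own code; the function names are hypothetical, and it covers only the current process, not kernel dumps.

```c
/* Added example: user-land core dump check for the current process (POSIX).
 * Function names are hypothetical and not taken from FFkeystore. */
#include <stdio.h>
#include <sys/resource.h>

/* Returns 1 if the soft core limit allows a core file, 0 if not, -1 on error. */
int core_dumps_enabled(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    /* A soft limit of 0 means no core file is written for this process. */
    return rl.rlim_cur != 0 ? 1 : 0;
}

/* Sets the soft and hard core limits to 0. Lowering the hard limit needs no
 * privilege, and an unprivileged process cannot raise it again afterwards. */
int disable_core_dumps(void)
{
    struct rlimit rl;
    rl.rlim_cur = 0;
    rl.rlim_max = 0;
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Call before the key store password is read: warn if dumps were enabled,
 * then switch them off. Returns the final state (0 means disabled). */
int harden_before_unlock(void)
{
    if (core_dumps_enabled() != 0) {
        fprintf(stderr, "warning: core dumps were enabled for this process\n");
        if (disable_core_dumps() != 0)
            return -1;
    }
    return core_dumps_enabled();
}

int main(void)
{
    int state = harden_before_unlock();
    printf("core dumps enabled after hardening: %d\n", state);
    return state == 0 ? 0 : 1;
}
```

    Child processes inherit the lowered limit, so helpers started after the call are covered as well.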