Autor: Robert Ransom Datum: To: The Tails public development discussion list Betreff: Re: [Tails-dev] Please review & merge
feature/install-password-manager
Some issues in keepassx 0.4.3-1ubuntu3 (according to the changelogs,
nothing I'm pointing out is fixed in Debian's 0.4.3-2):
* The icons in share/keepassx/icons/ appear to be from the Oxygen
theme, and appear to be missing both their copyright and license
information (Oxygen is LGPL) and their preferred form for modification
(especially clientic.png).
* src/lib/random.cpp will use fake entropy produced by a
non-cryptographic PRNG with a 32-bit seed if it fails to open or read
from /dev/urandom.
* src/dialogs/CollectEntropyDlg.cpp records the (low-entropy) sequence
of keys pressed by the user, and discards the keystroke event timings
which contain most of the entropy.
* It uses the Gladman implementation of AES, which makes no attempt to
resist timing side-channel attacks. (It also supports using Twofish
to encrypt password databases; Twofish cannot be implemented
efficiently without side-channel leaks.)
* It also includes an RC4 implementation (RC4 also cannot be
implemented efficiently without side-channel leaks), and uses a single
global RC4 key to ‘encrypt’ multiple strings in memory (see
src/lib/SecString.[hc]) by XORing each of them with (part of) the same
sequence of keystream bytes.
The cryptography used on disk should be adequate, aside from the
side-channel leaks and the fake RNGs. (It encrypts the whole file
using a block cipher in CBC mode with a random IV and mediocre
integrity protection.)
The other password managers you've considered are probably at least as
bad as this one.