Question about memory vulnerabilities in 1Password for Windows
@jpgoldberg Two quick questions, given recent articles and discourse on 1Password:
I see a misconception in some recent discourse on 1Password's storing of secrets in memory: that Windows elevation (root) is required to read 1Password's process memory. It appears from multiple testers that this is not the case. In other words, passwords kept in memory are more vulnerable than you first assumed: full system / root compromise is not required. All that is required is brief access to the system while 1Password is locked or unlocked, or a rogue program or browser compromise with user-level privileges. It appears that any discussion of "complete system compromise cannot be guarded against" has become a strawman. In light of this, do you have a different view on how to handle this risk?
You mentioned that many security vulnerabilities come from the use of memory-unsafe languages and approaches. Given the above points, how can any vulnerability introduced by a bug cause a more severe vulnerability than the one we discussed above? If the secrets are always decrypted in memory that is readable by any process, I don't see how memory-safe coding practices improve security in any way. Stability and user experience? Yes, I see that. But why security? Can you elaborate?
Thank you for any clarification you can provide.
1Password Version: 7
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
1Password just closed the second thread on this issue. Its pretty shocking that they are willing to point people to an inaccurate KT and try and close off further discussion. Pretty bad PR if you ask me. This happens again and things may need to move to reddit to avoid further censoring.
0 -
@mzman - once midnight has passed, we only see the date (not the time) a thread was posted, so it's possible you posted this prior to Ben's final post in the original thread. Not sure whether you've had a chance to see that post yet, but briefly, we've got a public statement on the matter available at:
Managing 1Password Secrets in Memory
If you have specific questions that have not been addressed in this thread or in the above article, or if you'd like clarification on any points, please feel to reach out directly to our security team at support+security@1password.com. Thanks. :)
0 -
@RyanE - censorship refers to the government preventing you from speaking. That's not what's happening here. We've replied with a public comment in addition to all thirteen pages of dialogue in the original thread, and we're happy to continue follow-up questions via email, if you have any, at support+security@1password.com Thanks for your participation. :)
0 -
@mzman: It was not closed in error. As Lars mentioned there,
we've got a public statement on the matter available at:
Managing 1Password Secrets in Memory
If you have specific questions that have not been addressed in this thread or in the above article, or if you'd like clarification on any points, please feel to reach out directly to our security team at support+security@1password.com. Thanks.
You yourself participated in the original discussion, which has run its course. There isn't a need to open additional duplicate threads.
0 -
This discussion was created from comments split from: Which 1Password process to kill, to remove possible secrets from memory?.0
