One of the 1Password ones (https://team-sik.org/sik-2016-040/) about leaking URLs is marked as fixed, however, that's a little misleading. It's fixed if you use their newer vault format, which has limitations, and is not selected by default when you create a new vault. I wrote this about it a while back: https://myers.io/2015/10/22/1password-leaks-your-data/
yea, but still the problem is that all users who created a vault before Nov 2015 never got any message neither is their database upgraded automatically. They will unknowingly keep using the old database format.
Seems alarming for a company who's business is security/privacy.
micampe|9 years ago
I just tried creating a new vault and it created a .opvault. It became the default with version 6.1, released in Nov 2015 https://app-updates.agilebits.com/product_history/OPI4#v6100...
DavideNL|9 years ago
yea, but still the problem is that all users who created a vault before Nov 2015 never got any message neither is their database upgraded automatically. They will unknowingly keep using the old database format.
Seems alarming for a company who's business is security/privacy.
Velox|9 years ago
chmars|9 years ago
https://support.1password.com/switch-to-opvault/