(no title)

> Any program running in the userspace can read the private key file; have the private keys always been not so private all this time?

That's right, and the reason for that seeming surprising is that the threat model has quietly changed.

Previously: You owned your computer and your data on it, and you ran programs you trusted e.g. you'd buy Microsoft Word and you'd assume that that program acted in your interests, after all the seller wants you to buy the program. Desktop operating systems originated from the time when this was the current threat model.

Now: Programs don't necessarily act in your interest, and you can't trust them. The mobile phone operating systems were built with this threat model in mind, so mobile "apps" run in a sandbox.

As an example of a modern program that doesn't act in your interest, Zoom "accidentally" left a web server on Macs, even after it was uninstalled. https://techcrunch.com/2019/07/10/apple-silent-update-zoom-a...

You can store them in the Secure Enclave on OSX and require TouchID to use the key for signing.

See: https://github.com/maxgoedjen/secretive

That’s why ideally you use a pass phrase with you ssh key. Apps can still read it but not use it.

Yeah, un-sandboxed programs can access all your user files. That's why there has been such a large push for sandboxing tech like Flatpak. (In general though, you really shouldn't be running programs you don't trust in anything but a VM.)

This is how it has been, there are ways around this though:

1) use a pgp derived key, this means that anything authenticating will hit your gpg agent and only that, nothing is using that key then

2) load your key and then remove it, which I’ve done before using a LUKS encrypted partition (then load the key into ssh-agent, then remove the volume).

3) Storing your keys in the secure enclave on Apple computers. A little bit onerous if you use an external keyboard without touchID though.

I have a program on my computer that watches for read events in that folder to see if anything actually tries to read an access key. I can publish the source if you want. it uses inotify in linux.

That's usually my argument when someone mocks me for logging into all my computers as root. Having a separate nonprivileged user and running tons of desktop/shell programs isn't really much better considering all those programs have access to your ~, which is on a PC usually the most inportant directory IMHO.

firejail is a program that helps mitigate this issue by restricting syscalls of programs.

> have the private keys always been not so private all this time?

It's not called private key because it is very secure and can't be accessed... It's on you to ensure that!

Only if they run under your user as your private key permission should be only you can read it. Programs running as you are basically you.

This is true for SSH key, but not for all data on MacOS, e.g. if you run `find ~/Library/Application Support/AddressBook` the OS will ask you if you want to give access to contacts to iTerm2/whatever (unless you have given it before). I'm not aware of a way to create additional sandboxed "folders".

Also, some applications on MacOS are sandboxed, IIRC Mail is one of them. Also, some (all?) applications installed from AppStore. That's the reason I prefer installing applications from AppStore: they seem to be at least somewhat sandboxed.

For development, I try as much as possible to leverage remote development via [JetBrains Gateway](https://www.jetbrains.com/remote-development/gateway/) and [JetBrains Fleet](https://www.jetbrains.com/fleet/). VSCode also has remote development but they explicitly assume that remote machine is trusted (in the security note in the remote extension plugin readme). In the case of JetBrains tools I have not seen any explicit declaration whether remote host is trusted (as in: if remote machine is pwnd then we may as well let pwn your personal machine), but at a glance it seems like there are minimal precautions (if you run web application and open it in a browser, the Gateway will ask if you want to be redirected to a browser etc.)

Probably best scenario for such remote development clients on MacOS would be to put them in AppStore: this way they could leverage sandboxing and in the case of thin client, the sandboxing likely won't limit functionality.

Yes, it’s actually a bit disappointing they didn’t implement keychain support which makes this a lot harder. But then people would be screaming that Apple is peeping at your private keys, even though Apple can’t see the contents of the keychain.

> Any program running in the userspace can read the private key file;

Only programs running as you (or `root`). It's private to you⁰.

Programs running as other users cannot read the file.

(Assuming you've not changed the permissions on the file or the `~/.ssh/` directory)

⁰ and the sysadmin - but if they're not trustworthy they could just replace `/bin/bash` or the kernel with their own version that copied everything you typed anyway.

That's why it's a good idea to use a passphrase with your key so that the key by itself is not useful to anyone.

It's not easy for people to run only trustworthy software, or even software that has been reasonably vetted by others. Not everyone has the aptitude to know how to check for surreptitious file accesses, or have the desire to learn just to make functional use of their computers.

Yep, same with cookies and cloud credentials: https://www.macchaffee.com/blog/2023/hacking-myself/

Use a pass phrase!

It's totally fine, just do that npm install or `curl | bash`, no need to read anything.