The only reason any of this is an issue is because we have our data and communication in the internet. That's what makes mass surveillance possible.
If you keep your data off the internet, then you're only at risk of individual surveillance. But even that's difficult; stuxnet demonstrated that even air gapped computers are at risk, because we move data around on usb sticks and the like.
So, speech and paper, or human memory, are the only really secure media.
As for all the apps we carry around in our pockets ... do you really need instant online access to your bank balance over the internet on the bus? We used to carry around checkbooks and make entries in the register. If you really need to know your balance 24/7, carry a register booklet, or a moleskin. Then you don't have to wonder if Mint et al. are giving up your passwords.
So really what we need is some kind of API design that allows for password changes that all websites should adopt. Of course that's never going to happen...
Still, if 1password made scraping work for the biggest sites out there (google, microsoft, etc) then that in itself would already be worthwhile.
1Password doesn't store your passwords, it generates them on the fly. You would need to hand over your encrypted password storage and your passphrase. Both of which 1Password has no control over.
1Password is a local, encrypted store of known passwords. Nothing is generated, except for the original passphrases themselves, which are completely random (not from a seed).
a3n|12 years ago
The only reason any of this is an issue is because we have our data and communication in the internet. That's what makes mass surveillance possible.
If you keep your data off the internet, then you're only at risk of individual surveillance. But even that's difficult; stuxnet demonstrated that even air gapped computers are at risk, because we move data around on usb sticks and the like.
So, speech and paper, or human memory, are the only really secure media.
As for all the apps we carry around in our pockets ... do you really need instant online access to your bank balance over the internet on the bus? We used to carry around checkbooks and make entries in the register. If you really need to know your balance 24/7, carry a register booklet, or a moleskin. Then you don't have to wonder if Mint et al. are giving up your passwords.
Opt out.
wesley|12 years ago
Still, if 1password made scraping work for the biggest sites out there (google, microsoft, etc) then that in itself would already be worthwhile.
Styn|12 years ago
nwh|12 years ago
1Password is a local, encrypted store of known passwords. Nothing is generated, except for the original passphrases themselves, which are completely random (not from a seed).
unknown|12 years ago
[deleted]