Stop using “the cloud” to store your passwords. Unless you control said cloud, you have to trust someone to not fuck up their security that you now depend on. Everyone eventually does.
The difference is also, that someone who’s job is storing other people’s passwords is by definition a target. So is the fuck up, someone will notice. If you host those yourself, or you rent a place where you can host them for yourself, that is just one person’s server. The interest and possible gain for someone gaining access is so small, it’s even unlikely. So when you inevitably fuck it up, the chances someone notices before you do are relatively small.
In this context “self host” can ironically mean using a cloud service for hosting. You can use a file based password manager and just sync the database. Solutions like KeePass have apps for many platforms, and they can often even directly load from cloud storage, like Google drive, OneDrive or DropBox. The password database is strongly encrypted, and even if your storage gets compromised, your passwords are still safe (assuming a good password or some then better security was used to encrypt it).
You give up the convenience of having a single service and having to get each device to access the file. But that’s it. It’s not that hard and so much better than a password service, even if just for their attack surface, or the “likely target” these are.
Your comment is irrelevant to the issue at hand because it’s a local attack and your suggested alternative could therefore be just as vulnerable.
Self hosting is cool for 0.0001% of the population, for anyone else it’s either too difficult or a hassle. It’s also an oversimplification that I have to “trust” the cloud company and imply that a self hosted solution is inherently safe. You run that program on a computer with 100 different apps, each of which is an attack vector and you’re just you, without the backup of a small army of developers hunting down issues and independent parties auditing the whole shebang.
The only thing self hosting has going for it is that the target is incredibly small, but this is not as big a factor as you suggest because of the maturity of some of these services who basically just store a blob of data you encrypted locally and access to their servers or even your data is usually without danger.
Ah the Internet classic: calling someone’s comment irrelevant, when you clearly haven’t even read, or at least not understood it. It isn’t that long of a comment. Try reading it again.
Oh whatever, here’s another attempt at explaining it: there’s a huge difference if my passwords are in a place where people generally keep passwords, or if they are where only my passwords are. If someone has never heard of me, but they attack my cloud-password-solution and get in, they still get my passwords. Someone attacking me personally, if he’s truly competent as a hacker, in probably screwed either way. At least he can only attack me, he can’t attack “some public thing” and get my stuff “by accident”. Think “personal safe in my home” compared to “public bank” (ignoring the fact that a bank is insured and all that for this analogy).
Your second point would be valid if open source didn’t exist. First of all I didn’t imply that it was inherently safe, I implied that there isn’t a single point of trust, which was my would point. Even if you can’t read/audit it yourself, there are projects that have public audits by reputable security companies. Plus if there truly were backdoors, assuming a non-tiny user base, someone would’ve probably noticed.
Then your final point seems to acknowledge the attack surface, but the problem with the “locally encrypted blob” is that this statement from the cloud provider is another thing you just have to believe them on. They might do that, they might not. Many don’t even claim that, because people like convenience and want options for password recovery to their password service. those two are mutually exclusive.
I’m sure it’s a classic because people tend to latch on to any opportunity to start waffling after reading just the title. Ironically, you start your comment telling me I didn’t read yours and you end it with admitting that I address exactly that which you go on about. So which is it?
What bothers me most is that your solution is not realistic, you’re just proselytizing out of idealism but who is it really aimed at? Who’s going to self host a password manager? Uncle Jim and aunt Betty? You know what the average person is capable of? Writing down their passwords on a piece of paper, usually 4 separate ones with different versions for every time they’ve lost it. At best, they allow a key manager on their device to save a password when they enter it, and if the stars align and all their devices use the same OS and they authenticate, then maybe there is even some synchronization involved. That’s a lot of ands and maybes, but you suggest to ignore that and instead use a solution where they not only understand all those steps but also set it up for themselves.
The masses are not going to wake up one day with the know how to do these things, it’s not even going to happen gradually. I don’t even want to do it, and I was born with a computer and run servers for a living. What is going to happen is that solutions that are easy enough to use will become safe enough in order to minimize the risks. Anything else is a pipe dream.
With self hosting you have to trust that you won’t fuck up, that your house or wherever you are hosting won’t lose power when you need it, or burn down or face some other disaster. At the very least you should have an external location, which you also should trust pretty thoroughly.
Also that’s not to mention that open source projects still have security vulnerabilities sometimes, and also sometimes they get a lot less developer attention than profesional projects.
I love self hosting stuff and do a lot of my own computer backups etc. but the most important stuff I rely on professional cloud solutions for. I simply don’t have the resources to be able to compete.
Stop using “the cloud” to store your passwords. Unless you control said cloud, you have to trust someone to not fuck up their security that you now depend on. Everyone eventually does.
The difference is also, that someone who’s job is storing other people’s passwords is by definition a target. So is the fuck up, someone will notice. If you host those yourself, or you rent a place where you can host them for yourself, that is just one person’s server. The interest and possible gain for someone gaining access is so small, it’s even unlikely. So when you inevitably fuck it up, the chances someone notices before you do are relatively small.
That probably works well for people who are able to self host.
I use cloud password storage. I don’t have the knowledge, time, or inclination to self host.
In this context “self host” can ironically mean using a cloud service for hosting. You can use a file based password manager and just sync the database. Solutions like KeePass have apps for many platforms, and they can often even directly load from cloud storage, like Google drive, OneDrive or DropBox. The password database is strongly encrypted, and even if your storage gets compromised, your passwords are still safe (assuming a good password or some then better security was used to encrypt it).
You give up the convenience of having a single service and having to get each device to access the file. But that’s it. It’s not that hard and so much better than a password service, even if just for their attack surface, or the “likely target” these are.
Your comment is irrelevant to the issue at hand because it’s a local attack and your suggested alternative could therefore be just as vulnerable.
Self hosting is cool for 0.0001% of the population, for anyone else it’s either too difficult or a hassle. It’s also an oversimplification that I have to “trust” the cloud company and imply that a self hosted solution is inherently safe. You run that program on a computer with 100 different apps, each of which is an attack vector and you’re just you, without the backup of a small army of developers hunting down issues and independent parties auditing the whole shebang.
The only thing self hosting has going for it is that the target is incredibly small, but this is not as big a factor as you suggest because of the maturity of some of these services who basically just store a blob of data you encrypted locally and access to their servers or even your data is usually without danger.
Ah the Internet classic: calling someone’s comment irrelevant, when you clearly haven’t even read, or at least not understood it. It isn’t that long of a comment. Try reading it again.
Oh whatever, here’s another attempt at explaining it: there’s a huge difference if my passwords are in a place where people generally keep passwords, or if they are where only my passwords are. If someone has never heard of me, but they attack my cloud-password-solution and get in, they still get my passwords. Someone attacking me personally, if he’s truly competent as a hacker, in probably screwed either way. At least he can only attack me, he can’t attack “some public thing” and get my stuff “by accident”. Think “personal safe in my home” compared to “public bank” (ignoring the fact that a bank is insured and all that for this analogy).
Your second point would be valid if open source didn’t exist. First of all I didn’t imply that it was inherently safe, I implied that there isn’t a single point of trust, which was my would point. Even if you can’t read/audit it yourself, there are projects that have public audits by reputable security companies. Plus if there truly were backdoors, assuming a non-tiny user base, someone would’ve probably noticed.
Then your final point seems to acknowledge the attack surface, but the problem with the “locally encrypted blob” is that this statement from the cloud provider is another thing you just have to believe them on. They might do that, they might not. Many don’t even claim that, because people like convenience and want options for password recovery to their password service. those two are mutually exclusive.
I’m sure it’s a classic because people tend to latch on to any opportunity to start waffling after reading just the title. Ironically, you start your comment telling me I didn’t read yours and you end it with admitting that I address exactly that which you go on about. So which is it?
What bothers me most is that your solution is not realistic, you’re just proselytizing out of idealism but who is it really aimed at? Who’s going to self host a password manager? Uncle Jim and aunt Betty? You know what the average person is capable of? Writing down their passwords on a piece of paper, usually 4 separate ones with different versions for every time they’ve lost it. At best, they allow a key manager on their device to save a password when they enter it, and if the stars align and all their devices use the same OS and they authenticate, then maybe there is even some synchronization involved. That’s a lot of ands and maybes, but you suggest to ignore that and instead use a solution where they not only understand all those steps but also set it up for themselves.
The masses are not going to wake up one day with the know how to do these things, it’s not even going to happen gradually. I don’t even want to do it, and I was born with a computer and run servers for a living. What is going to happen is that solutions that are easy enough to use will become safe enough in order to minimize the risks. Anything else is a pipe dream.
With self hosting you have to trust that you won’t fuck up, that your house or wherever you are hosting won’t lose power when you need it, or burn down or face some other disaster. At the very least you should have an external location, which you also should trust pretty thoroughly.
Also that’s not to mention that open source projects still have security vulnerabilities sometimes, and also sometimes they get a lot less developer attention than profesional projects.
I love self hosting stuff and do a lot of my own computer backups etc. but the most important stuff I rely on professional cloud solutions for. I simply don’t have the resources to be able to compete.