- #RETREIVE ONIONSHARE FILE UPDATE#
- #RETREIVE ONIONSHARE FILE ANDROID#
- #RETREIVE ONIONSHARE FILE SOFTWARE#
- #RETREIVE ONIONSHARE FILE PASSWORD#
What Micah is asking for is specifically the ability to encrypt the data with a key which is not accessible to Google, so that no matter who tried to force Google to give up this data, they would be unable to.
That's sensible security practice, and we would expect nothing less. It is thoroughly prudent to encrypt data in transit, at rest and so on. It appears that commenters 7, 8, 11, 12, & 13, are referring to to the prudent use of encryption in other places, such as ensuring that when this data is sent to Google, that is done over an encrypted link, or that Google or your phone store this data in an encrypted format (while also having access to the key needed to decrypt the data).
#RETREIVE ONIONSHARE FILE PASSWORD#
If we apply the mud puddle test (), we should conclude that Google *can* access the plaintext, because you can destroy a backed-up phone, change your Google account password or log in with an application-specific password, then get your data back. When Micah says "encrypted", he means that "Google can't get at the plaintext". I think that this confusion is because - while we're all using the same word - we're thinking of different designs. There seems to be some disagreement about whether this data is encrypted. This thread on the Google product forums is the correct comment #14 on the bug report explains it well:
#RETREIVE ONIONSHARE FILE ANDROID#
The backup/restore feature is part of the proprietary Google apps for Android, not the open source Android project.
#RETREIVE ONIONSHARE FILE UPDATE#
Update 2: The Android bug tracker isn’t the correct place to ask Google to fix this bug. Update: I have filed a feature request in Android’s bug tracker to offer encrypted backups, similar to the password sync options offered by Chrome and Firefox. Google says that they’ll delete this data when you stop backing it up with them.Īlthough it wouldn’t hurt to change your wifi password anyway.
#RETREIVE ONIONSHARE FILE SOFTWARE#
If you have a computer connected to your network that you haven’t done software updates on for a couple weeks, or that you’ve never configured a firewall on, or that you’ve installed random servers on and have never touched them since, there’s a good chance the attacker could take over those computers.Īnyway, maybe you should uncheck that box. An attacker can scan for computers, phones, and tablets that are connected to your network, scan for open ports, and exploit vulnerable services. If you download a file, they can serve you a malicious version instead. If the attacker wants to do more active attacks, they can connect to your wifi network and mount a man-in-the-middle attack to eavesdrop on and modify any unencrypted Internet traffic. With your home wifi password, an attacker can sniff wifi traffic outside your house (without connecting to your network) and then decrypt it all, passively eavesdropping on your private network. If an NSA analyst, or likely someone from CIA or even FBI ( Prism is a “team sport”), asks Google for information about you, your house’s and office’s wifi passwords are likely included in that data. Oh, and Google is part of NSA’s Prism program. There’s no sort of password hash that your Android phone could send your router to authenticate besides the password itself. When you format an Android phone and set it up on first run, after you login to your Google account and restore your backup, it immediately connects to wifi using a saved password. Is the “Back up my data” checkbox checked? If so, all of the wifi passwords that your phone remembers are being synced to your Google account.Īnd the passwords are in plaintext, too. Go to your home screen, press the Menu button, select “Settings”, under “Personal” select “Backup and reset”. Use Android? You’re Probably Giving Google All Your Wifi Passwords
0 kommentar(er)
