Password manager security papers

Discussion in 'other security issues & news' started by MrBrian, Jul 5, 2014.

  1. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    like? As the release history from last pass has listed several security fixes since those articles like auto fill-in.
     
  2. tlu

    tlu Guest

    Yes, I know. However, I'm not in a position to judge if all those vulnerabilities mentioned in those papers have been fixed. In any case, an official reply if Lastpass was aware of those papers/vulnerabilities would have been ... well ... nice to say the least. I mean we place high confidence in them (and FWIW, I myself am a paying customer), and in return we can expect that they take security concerns/questions seriously, IMHO.
     
  3. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Not to defend them but if they start answering in a public forum about each one of the claims circulating around they will never end. I would first wonder if the authors of the papers did submit those vulnerabilities via official vulnerabilities channels. A quick CVE check did not lead to any evidence. So, most likely the usual approach of preference for visibility versus professionality. On top, if you are a paying customer you can contact their support directly and ask for clarification. Vulnerabilities are a delicate matter and they may not simply like to discuss it in a public forum. :)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.