Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

341 comments

FUD (0, Troll)

danbuter (2019760) | about 7 months ago | (#45828913)

I know it's FUD! It's anti-Linux, which by nature is perfect!!! -Stallman fan

Re:FUD (5, Funny)

sideslash (1865434) | about 7 months ago | (#45828947)

It's anti-Linux [...] -Stallman fan

Fraudster! You didn't put GNU/Linux.

Re:FUD (0)

mrchaotica (681592) | about 7 months ago | (#45829199)

Not to mention, Stallman surely wouldn't get caught dead using something like NetworkManager.

PoetterKits (-1)

Anonymous Coward | about 7 months ago | (#45829461)

What'ya expect from Stuff written by Poettering ?

NSA DID IT! (4, Funny)

CajunArson (465943) | about 7 months ago | (#45828927)

Must have been the NSA! I should have known that commit from uberspydude@ftmeade-totallynotNSA.gov was suspicious.

Re:NSA DID IT! (0)

Anonymous Coward | about 7 months ago | (#45829359)

Sweet, every developer on the planet has a new whipping boy for any security holes that they fail to address in systems they develop...

The NSA did it!!!

KNetworkManager (5, Informative)

chill (34294) | about 7 months ago | (#45828933)

Simple. Stop using Gnome shit.

How can I store passphrases associated with encrypted wireless networks?
The first time KNetworkManager is used, it will try to set up the KDE Wallet (encrypted password storage) to save wireless network passphrases and other passwords. If you choose not to use KWallet, KNetworkManager will store passwords in its configuration files, only readable by the logged in user.

http://old-en.opensuse.org/Projects/KNetworkManager#Wireless_LAN [opensuse.org]

Re:KNetworkManager (2, Funny)

MacDork (560499) | about 7 months ago | (#45828965)

It won't matter what you use if you let anyone on your network with an android [gizmodo.com] phone. Oh hai, let's back up everything to teh googles.

No. It's shear utter brilliance! (0)

Anonymous Coward | about 7 months ago | (#45829133)

You see, when the hackers/crackers (not the southern white people) get the password, they'll think it's some really really really really obfuscated-genius-sick-crypto and spend years and much computer time trying to crack it.

See?

Re:KNetworkManager (5, Informative)

Anonymous Coward | about 7 months ago | (#45829383)

Are you stupid? NetworkManager is the same underlying component. It will also store passwords in plain text for _system_ connections, where KWallet is unavailable (it is only available after graphical login).

This is a non-story. Every other operating system not only does exactly the same, they are forced to do the same. Because there is no other way unless you want your Wi-Fi to be offline until you login, and if you do, well, then this problem is not present because NetworkManager will use KWallet OR gnome-wallet, depending on the session you opened.

The author basically manually checked the "I want to make this connection available to other users" checkbox and then is surprised when the connection is actually made available to other users. Stupidity, plain and simple.

Gnome shit (0)

Anonymous Coward | about 7 months ago | (#45829433)

> Simple. Stop using Gnome shit.

Does that include SystemD?

(* hides behind a rock before the systemd thugs come to beat him up *)

My password is printed on the side of my router (0, Redundant)

Anonymous Coward | about 7 months ago | (#45828943)

I have Verizon FIOS, and the password is printed on the side of the router.

Re:My password is printed on the side of my router (2)

228e2 (934443) | about 7 months ago | (#45829031)

And thats not the worst part. You can't change your PW, and they only offer WEP.

What? (1)

ArchieBunker (132337) | about 7 months ago | (#45829435)

None of you know what you are talking about.

Re:My password is printed on the side of my router (1)

macbeth66 (204889) | about 7 months ago | (#45829049)

I've disabled the FIOS provided wireless access, added two wireless access points ( upstairs and downstairs ), each connected by hardwire to to the router and use whatever protocols and passwords I desire.

Re:My password is printed on the side of my router (1)

Grishnakh (216268) | about 7 months ago | (#45829177)

Why do you have two APs? WiFi penetrates to adjacent floors on a typical residential home with no trouble. I have a 3-story (including the basement) house with my AP on the middle floor, and I have no connectivity problems at all. The problem with WiFi is line-of-sight distance; if your house is a giant 6000sf McMansion and is really spread out, you could have a problem, but as long as you're not far away from the AP it should be fine.

Re:My password is printed on the side of my router (2)

wangmaster (760932) | about 7 months ago | (#45829241)

Dunno what the original poster has but I have a 1600 sq foot house. basement first floor and second floor. 795 sqft rectangular foot print. My wifi access point on the first floor gets a horrid signal in the basement (especially near the corners). My wifi router in the basement doesn't reach the top floor corners.

This is specific to the 5ghz bandwidth which I use exclusively.

Yes, custom antennas might help, but wifi routers are cheap (just for reference I have an Asus rt-n56u and a buffalo wzr-hp-ag300h).

House is built in 1946. There are many situations where a single wifi access point doesn't work, even when you'd think it might.

Re:My password is printed on the side of my router (1)

jawtheshark (198669) | about 7 months ago | (#45829269)

I also have a three story house and a WAP in the middle. Reception is horrible, horrible, horrible. I think it's all the insulation material (class B house) and the floor heating (a lot of water in the floors) and on top of that the floors are concrete. I now have a second access point, one on the second floor.

Cellphone reception is also terrible in the middle of my living room. My best bets are turning off Data on my cellphones so that it doesn't try to negotiate quicker speeds.

I'd really like to know how to improve things. House has been built last year. I expect this to be a common problem in low energy houses.

Re:My password is printed on the side of my router (1)

macbeth66 (204889) | about 7 months ago | (#45829299)

Why do you have two APs?

I have steel beams between the first and second floors that seem to interfere with wifi. It could be something else, but since I have the two units and had hardwire between the floors, I use them.

Re:My password is printed on the side of my router (2, Funny)

PNutts (199112) | about 7 months ago | (#45829417)

Why do you have two APs? WiFi penetrates to adjacent floors on a typical residential home with no trouble. I have a 3-story (including the basement) house with my AP on the middle floor, and I have no connectivity problems at all. The problem with WiFi is line-of-sight distance; if your house is a giant 6000sf McMansion and is really spread out, you could have a problem, but as long as you're not far away from the AP it should be fine.

Sorry, you brought theory to a practical fight.

Re:My password is printed on the side of my router (2)

chill (34294) | about 7 months ago | (#45829467)

I have two APs.

One for 2.4 GHz b/g/n devices that can't really be upgraded. Older phones, Chromebooks, tablets and my bathroom scale.

The other is for 2.4 GHz/5 GHz 802.11ac devices that HAVE been upgraded and use the extra bandwidth, like for streaming HD video or transferring large files to a server.

I keep them on separate channels.

From a comment there (5, Insightful)

Anonymous Coward | about 7 months ago | (#45828945)

While it is true that the passwords are stored as plain text, in order to view the "plain text" one must have root privileges to view the text file.

  I would venture to state that "if" one's system is open enough (a stranger has root privileges) for some unwanted person to view that text file, then one has much more to worry about than the fact that one's wifi password is not encrypted.

  Also, to fix it, one must disable the "Available to All Users" option... thus requiring one to enter one's password for wifi on every login... which is annoying to say the least.

  Personally, I think the issue is pretty much a mountain out of a molehill... because, and again, if to view it, you have to be root, then the whole system is vulnerable and not just the wifi password.

Which completely ignores security vulnerabilities in Linux, as many advocates do. Still, the relevant point is that for someone to steal your wifi password this way, they're already in position to do much worse.

Re:From a comment there (3, Insightful)

MacDork (560499) | about 7 months ago | (#45829013)

If someone has physical access to your hardware, they're already in a position to do much worse. Encrypted drive? Let me just load this keylogger into BIOS [emptywheel.net] mmm kay?

Re:From a comment there (0)

Anonymous Coward | about 7 months ago | (#45829305)

Can't protect the system from a highly funded government entity? Shucks why bother protecting it at all! I would rather it be secure against any idiot with a bootable usb drive even if the NSA could get in.

Re:From a comment there (5, Insightful)

gweihir (88907) | about 7 months ago | (#45829257)

No, it does not. Have you actually read the part "" one's system is open enough (a stranger has root privileges) for some unwanted person to view that text file, then one has much more to worry about than the fact that one's wifi password is not encrypted."? Apparently not. As the password has to be available in plain at the authentication time, this nicely sums up, why the password storage is not a problem. But to understand that, you would actually need to have a minimal clue what you are talking about...

Re:From a comment there (1)

Anonymous Coward | about 7 months ago | (#45829281)

Exactly. How is this any different than using the show passphrase checkbox in Windows? It's still real world readable to authorized users. Much ado about nothin' is what this is.

Re:From a comment there (1)

Anonymous Coward | about 7 months ago | (#45829291)

If you're using Softpedia as a knowledgeable source, then you've got much bigger problems than you can imagine!

Re:From a comment there (1)

bonehead (6382) | about 7 months ago | (#45829333)

I would venture to state that "if" one's system is open enough (a stranger has root privileges) for some unwanted person to view that text file, then one has much more to worry about than the fact that one's wifi password is not encrypted.

This ignores multiuser systems.

Simply having an account on a multiuser system does not mean I want all admins on that system to have access to my info.

Worse than that, if you accept that argument as valid, then there is no point in encrypting and/or hashing passwords. Ever. Just store the file in a "safe" place.

Re:From a comment there (0)

Anonymous Coward | about 7 months ago | (#45829471)

Well yes, the point is that these same vulnerabilities will exist on EVERY device and operating system. If someone is in a position to access the file as-is, encrypted or not, then they already have access to the means to decrypt it even if you're using something like full disk encryption.

Security - and a false sense of security (2, Insightful)

Anonymous Coward | about 7 months ago | (#45828949)

The OS has to be able to decrypt the password to connect to the wifi network.
Windows stores the password as an (unencrypted) hex string in the registry. Guess I've gotta go with full-disk encryption then...

Re:Security - and a false sense of security (2, Informative)

jones_supa (887896) | about 7 months ago | (#45829135)

Windows stores the password as an (unencrypted) hex string in the registry.

Just to clarify...

Windows XP stores WiFi passwords unencrypted in registry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WZCSVC\Parameters

Windows 6.x stores WiFi passwords in encrypted XML files under hard disk folder %PROGRAMDATA%\Microsoft\Wlansvc\Profiles\Interfaces

Re:Security - and a false sense of security (0)

Anonymous Coward | about 7 months ago | (#45829225)

That's so bad I'm going to respond in 4chan format:

> XML files

> Why

Re:Security - and a false sense of security (2, Informative)

Anonymous Coward | about 7 months ago | (#45829483)

They are not encrypted. For that it would be necessary to use a user private key. Instead, they are obfuscated with a system key: http://securityxploded.com/wifi-password-secrets.php [securityxploded.com]

They are trivial to recover.

NetworkManager sucks ass anyway (1)

Anonymous Coward | about 7 months ago | (#45828953)

This is just another lead balloon for the project. Why not use a keyring? Why is it automatically set up to use multicast DNS by default? Why is it so damn hard to configure settings for a DHCP client?

So? (1)

allo (1728082) | about 7 months ago | (#45828957)

Why is my networkmanager applet asking for access on kwallet?

i guess its only stored plaintext, if you want it to autoconnect globally. And then its required to be plaintext.

POT (Personal Open Terminal) makes 'net simple (-1)

Anonymous Coward | about 7 months ago | (#45828969)

who needs to pretend to block access to their trove of almost nothing? get over ourselves is the message & the hobbyist whiners would be some of the first to agree that having dark secrets is the problem to not join in on.

It's true -- but only root can read them though. (1, Insightful)

Anonymous Coward | about 7 months ago | (#45828973)

The basic fact is true - they are there in plaintext.

But since only root can read the file, it doesn't mean much in terms of a security hole. If the attacker is already root, they have access to everything on your system anyway.

Re:It's true -- but only root can read them though (-1, Offtopic)

Ivan Stepaniuk (1569563) | about 7 months ago | (#45829053)

Mod parent up!

Re:It's true -- but only root can read them though (1)

wiredlogic (135348) | about 7 months ago | (#45829061)

You don't need to have root access if you have physical access to the drive. Mount it, get the password, and then monitor the network activity of your target.

Re:It's true -- but only root can read them though (5, Insightful)

Grishnakh (216268) | about 7 months ago | (#45829211)

If someone has physical access to your drive, you have much, much worse problems than someone sniffing your WiFi traffic. To do this, someone has trespassed into your house. I'm much more concerned with strangers stomping around my living room than I am about someone sniffing my WiFi traffic.

Re:It's true -- but only root can read them though (1)

cheros (223479) | about 7 months ago | (#45829085)

If the attacker is already root, they have access to everything on your system anyway.

Not quite. Root access means a compromised single host. Access to a list of WiFi passwords means compromising all the WiFi networks the machine in question has been given access to, so you'd still want that encrypted.

Re:It's true -- but only root can read them though (1)

Sarten-X (1102295) | about 7 months ago | (#45829145)

If the attacker has compromised that one system, they could just decrypt the encrypted file.

Re:It's true -- but only root can read them though (2)

Gort65 (1464371) | about 7 months ago | (#45829227)

Not quite. Root access means a compromised single host. Access to a list of WiFi passwords means compromising all the WiFi networks the machine in question has been given access to, so you'd still want that encrypted.

Sure, but if you're root, then you can quite easily decrypt to find those passwords. This isn't to say that it shouldn't be encrypted (another hurdle, etc), but once you're root, then anything on that machine is fair game, including those WiFi passwords if you're determined enough.

Has been for years. (0)

Anonymous Coward | about 7 months ago | (#45828993)

I know it doesn't really change the fact that it's non-secure, but this isn't really news.

Re:Has been for years. (4, Insightful)

gweihir (88907) | about 7 months ago | (#45829137)

It is secure with regard to the design specification. The client does need to have the plain-text password or it cannot authenticate itself. If you do not want a plain-text password to be available to the entity storing it (and that is what password protection is all about), then you cannot use a mechanism where the plain-text password needs to be supplied. At best this is a Wi-Fi protocol vulnerability.

Re:Has been for years. (0)

Anonymous Coward | about 7 months ago | (#45829283)

Exactly. The machine has to be able to provide the password to the access point. No matter what scheme is used to store passwords, the machine can decrypt. So anyone taking over the machine can get all the passwords. Except if you provide a "password-decrypting" password each an every time wifi re-authenticates. Which gets old real fast.

At least on linux, the user using the machine do not have access to the files with passwords. Only root has. And while the user may very well be admin and know the root password, he is not logged in as root normally. So a hacker taking over the web browser or some such, will not gain those wifi passwords. While windows people are admin all the time, unless they have a crippled corporate setup.

Not for me... (1)

sce7mjm (558058) | about 7 months ago | (#45829005)

It says they are stored under /etc/NetworkManager/system-connections

I have the info for my wired and wireless connections, but he passwords are definitely not stored in there plain-text or otherwise...

Which leads me to ask where does it store them?

Re:Not for me... (0)

Anonymous Coward | about 7 months ago | (#45829147)

They're only stored in that file if the connection is set as "available to all users" in the connections editor. I think if it's only available to a single user that it's stored under that user's keyring.

Encrypting the full disk (1)

hodwik (3459527) | about 7 months ago | (#45829007)

"Encrypting the full disk"

Is that something I should be doing? New-ish Linux user here.

Re:Encrypting the full disk (1)

mlts (1038732) | about 7 months ago | (#45829041)

A lot of distributions offer LUKS encryption on bootup. I'd highly recommend going that route.

As for storing a Wi-Fi key plaintext, I consider it a nonissue because any program that gets root will be able to get the Wi-Fi password anyway, and even if it is obfuscated, there will always have to be a way to de-obfuscate it.

Re:Encrypting the full disk (1)

dbIII (701233) | about 7 months ago | (#45829065)

Not unless it's one of a series of things that you are doing that have a way to get the stuff you have on that disk if you lose the password, or if losing the lot is a better option than someone else getting access.

Solution (0)

Anonymous Coward | about 7 months ago | (#45829015)

Report it as a bug. Ask for improved security.

If the maintainer ignores the bug report and fails to act, uninstall the app and find one that works as you wish. Publicize the lackof response of the maintainer withinh the community.

Re:Solution (2)

dyingtolive (1393037) | about 7 months ago | (#45829205)

Well, and it's NetworkManager. Nothing of value is lost by uninstalling it to begin with.

That's why Liux isn't 1st choice for security... (-1, Troll)

bogaboga (793279) | about 7 months ago | (#45829021)

...like it was mentioned and extensively discussed in this Slashdot submission [slashdot.org] not so long ago.

Re:That's why Liux isn't 1st choice for security.. (2)

wangmaster (760932) | about 7 months ago | (#45829071)

OR more appropriately, wifi isn't 1st choice for security.

Re:That's why Liux isn't 1st choice for security.. (4, Informative)

bluefoxlucid (723572) | about 7 months ago | (#45829451)

If you want the system to use a wifi connection as its primary--to boot and enable wifi, or to allow all users to enable wifi--the wifi connection must store the password in plaintext.

Think like this: You get a wire, plug in an RJ-45, and tell the system to enable that on boot. When you boot, you're online.

Now, if you use wifi, to do this, you have two options. The first is for a user to log in, connect to wifi, and store the password encrypted in keyring. The next user logs in (after the first logs off, or after a reboot) and, not knowing the password, can't use the network on that machine. The second option is to store that password in plaintext, accessible by a system level service (or, alternately, by all users). At boot, the system service enables the network connection; any user with access rights to enable or disable the network connection can send a message to the service to do so, and the service will read the password from disk.

In the second scenario, if you create an encryption key and encrypt the password, you need to store the key in plaintext. An attacker would get the key and use it to decrypt the password in the same way as he'd obtain the plaintext password, so technically you are still storing plaintext--just in a different format involving multiple files. It's not encrypted until it's separated from the key. An encrypted e-mail is encrypted because only the sender and recipient have the key--the sender usually generates a session key and encrypts that with a public key, so usually no longer has the key after sending it. A third party would have an encrypted blob and no key. If you encrypted the e-mail and stored a private key to decrypt it on the same system, protected by a password stored in a text file on the same system, then administrative access gives you full access to everything--essentially, the message is stored in plaintext. That's a stretch; but if your system fundamentally functions such that it must store some data, and stores that data and an encryption key "to encrypt it", you're storing plaintext--the "encrypted" data is never transported, and the key is just theater.

So this isn't an example of poor security; it's an example of "the only way to accomplish this particular goal".

Alternative? (1)

duckgod (2664193) | about 7 months ago | (#45829033)

If the alternative is to put in a password for every fucking thing I do like KDE seems to insist then sure go ahead and steal my Wi-Fi password. In addition there must be more interesting stuff to take if access to my computer was compromised.

Re:Alternative? (1)

chill (34294) | about 7 months ago | (#45829157)

In KDE the Wallet acts as a central keyring for all your passwords. You only have to enter the password for the Wallet the first time something needs access and it'll handle it from there.

The first time a program tries to access the Wallet you'll get a "allow / disallow" prompt, but that is it.

If you're bitching about having to enter a password ONCE after logging in then you don't even belong in the discussion.

Re:Alternative? (3, Insightful)

egcagrac0 (1410377) | about 7 months ago | (#45829473)

If you're bitching about having to enter a password ONCE after logging in then you don't even belong in the discussion.

Slightly off-topic, but - If I entered a password to log in, why do I need to enter another?

And the problem is? (2, Informative)

Anonymous Coward | about 7 months ago | (#45829039)

I'm sorry that timothy and the submitter are morons without a clue, but in order to auto-connect to a wifi network without entering your password every time, the wifi key HAS to be readable by the system. Theres no POINT in encrypting it if you aren't entering the password EVERY TIME you connect, otherwise the password may be obfuscated but always available in plain text with little work considering you have the source so you know EXACTLY how the system extracts it.

--BitZtream

Re:And the problem is? (1)

sqlrob (173498) | about 7 months ago | (#45829179)

Has to be readable yes. Has to be plain text? No.

If I give you something encrypted with OpesnSSL and a password, you can break it right? After all, you know everything that OpenSSL does. The wifi password, and any other external credential, should be protected at rest. And yes, it can be done securely even with full source access.

Re:And the problem is? (1, Informative)

bluefoxlucid (723572) | about 7 months ago | (#45829477)

If the system stores an encryption key and a password, it's storing plaintext in an exotic format. If the system is capable of extracting the plaintext without user intervention, then it's storing plaintext in an exotic format. If it's OpenSSL encrypted, and the OpenSSL key is RIGHT THERE NEXT TO IT, it's in plaintext.

So what? (0)

Anonymous Coward | about 7 months ago | (#45829043)

Only root has access to the file. If someone has root access on your computer, the damage could be far worse.

Re:So what? (1)

jones_supa (887896) | about 7 months ago | (#45829239)

That's not a good excuse. We could still make the damage smaller if he can't steal the WiFi password easily. Especially in a business network that can make an important difference.

What RH did is a sensible choice (0)

Anonymous Coward | about 7 months ago | (#45829057)

Making security more cumbersome does not necessarily make it more secure. As it is, the failure modes are fairly obvious, and so would be the on-site policies and precautions. In a system that stored encrypted passwords, they might not be.

Not a real vulnerability (0)

Anonymous Coward | about 7 months ago | (#45829059)

This is like saying that because a bank manager can get into a vault and see the money, it's insecure. If someone breaks into the bank it doesn't really matter that the manager can get into the vault. Should it at least be hashed? Sure, but to say that something stored under root is a problem is kind of odd. Then again I encrypt my drive by default, so the live cd vector isn't a problem for me.

Re:Not a real vulnerability (1)

Vanderhoth (1582661) | about 7 months ago | (#45829319)

Should it at least be hashed? Sure

I will as soon as I get home, but I have yet to verify if TFA is correct or just FUD for myself.

Normally passwords should be hashed, but in this case it would be pointless as hashing is used to compare. So I hash my password the first time then if I enter the same password each time its hash value will always be the same as the original, but once hashed the original password is "lost" in that it becomes unknown to the system. The problem is in order for your machine to automatically connect to an access point it needs the password. So either you type it in every time or you store it somewhere where the system can access it. Hashing is one way so if the system can only retrieve a hash of the password not the password itself so a hash can't be used to connect to an access point. You'd still have to enter your password every time or store it.

As others have pointed out you need root access to view the file, if someone has root access to your machine then you have bigger problems, so it doesn't matter if the password file is encrypted or not. If you wrote your password down and stored it in a bank vault and only the bank manager could retrieve it for you would it matter if people could still walk into the banks lobby? Maybe encrypting it would be a good extra step just in case, but I can't see it being a necessity.

man chmod (1)

Gothmolly (148874) | about 7 months ago | (#45829079)

Change the perms so that only root can read them. If something has rooted your box, your wifi password is the least of your problems.

This has saved my butt a couple of times :) (1)

wangmaster (760932) | about 7 months ago | (#45829093)

I've forgotten the WPA passphrases on two of my relatives wifi networks and of course since I set it up for them they never had a clue. Fortunately, the unencrypted networkmanager files were there and made it super easy for me to tell them what their passphrases were :)

FUD, I am a fraid (5, Informative)

gweihir (88907) | about 7 months ago | (#45829103)

Generally, storing passwords on the verifying machine in plain is a really bad idea. This is not the verifying machine. On the supplying machine, you usually do not have a choice but allow access to the plain-text password, how else would it be supplied? Hence, while you can store it encrypted, that encryption must either be automatically reversible (making it pointless) or protected by an additional password the user enters each time (making the storing pointless).

So, no, these people crying "insecure" do not understand what they are talking about and do not know that either (Dunning-Kruger Effect at work). This particular kind of incompetence has seen an increase with the Snowden-relevations, where people with no clue about IT security, risk evaluation or crypto do "pattern matching" with a list of "bad" things in crypto, like "password stored in plain", "SHA1" and then claim insecurity when the keywords turn up in something. They are basically always wrong, because they do not even begin to understand the specific use of the mechanism. Typically the do not even have beginner-level knowledge, like these cretins here. Otherwise they would have understood that Wi-Fi does not do a challenge response authentication with a shared secret, but a plain, one-way password submission. For these, the password does need to be available in plain or things cannot work. Instead, these idiots cry "insecure".

The only possible other explanation I have is that these people are NSA shills that try to confuse the issue.

Re:FUD, I am a fraid (1)

PrimaryConsult (1546585) | about 7 months ago | (#45829237)

I hate it when people say reversible encryption is "pointless". There are a few reason where you might want to let someone look at your configuration file/database/etc (maybe to ask for help), and having to sanitize/restore passwords every time is a pain in the ass. You might also open the file while someone is sitting next to you, forgetting that the password is in plaintext. Most people are honest but if the password is staring them straight in the face it becomes a tempting target.

It's like saying because a lockpick can open your door, you shouldn't bother having a lock.

I had this same argument over gaim/pidgin storing passwords in plaintext in its profiles.

Re:FUD, I am a fraid (0)

Anonymous Coward | about 7 months ago | (#45829315)

or protected by an additional password the user enters each time (making the storing pointless)

The storing would not be pointless, any more than storing passwords in a password manager (e.g., KeePassX) is pointless.

That being said, there may well be UX issues with requiring users type in a passphrase to access the secured data.

Re:FUD, I am a fraid (0)

Anonymous Coward | about 7 months ago | (#45829317)

This. Root access is already passworded. To store keys additionally in a wallet is redundant.

Re:FUD, I am a fraid (1)

chill (34294) | about 7 months ago | (#45829389)

On the supplying machine, you usually do not have a choice but allow access to the plain-text password, how else would it be supplied?

By an agent, like KNetworkManager, PGP-agent or GnuPG-agent.

Hence, while you can store it encrypted, that encryption must either be automatically reversible (making it pointless) or protected by an additional password the user enters each time (making the storing pointless).

No. An additional password isn't pointless. It is the purpose behind the operation of gpg-agent, KNetworkManager, Firefox's master password, LastPass and several other programs.

Otherwise they would have understood that Wi-Fi does not do a challenge response authentication with a shared secret, but a plain, one-way password submission. For these, the password does need to be available in plain or things cannot work.

To be pedantic, that is exactly how WPA2-Enterprise works. But almost no one uses that in a home network. You still shouldn't ignore it.

And the password does not need to be STORED in plaintext, which is the point. Like a PGP key, it exists unencrypted only in RAM and is encrypted when stored.

FUD (1)

hurwak-feg (2955853) | about 7 months ago | (#45829107)

I would say it is FUD. If it is a company owned computer that is controlled by others, you might risk having your employer having access to your networks. Other than that the biggest risk is theft. If a computer is stolen, you should change all your passwords anyway, including your wireless network passwords. Friends and family that use it would have access to your network anyway. I'll admit to not RTFA, but it sounds like (I am speculating, I could be wrong) the author is parroting some stuff out of a security certification study guide without really considering if it is actually a problem worth writing about. It is possible the author is anti-linux, but I doubt it considering an alternative tools is suggested. If someone is really paranoid, they could always just use a live CD/thumb drive that doesn't store anything. I am leaning towards well meaning FUD.

SSH Keys Also Vulnerable (4, Informative)

Bob9113 (14996) | about 7 months ago | (#45829113)

It is also common in most Linux distros to store SSH private keys in ~/.ssh, which -- given you need root to read the wifi passwords -- can be accessed just as easily. Access credentials have to be stored in the clear somewhere on a live machine -- in memory during connect if nowhere else. Once you root the box, you get everything.

Ssh keys can be encrypted. You have a choice (1)

Anonymous Coward | about 7 months ago | (#45829479)

I think the article is complaining that you do not have a choice. I think the counter-argument (that you need root so they own you anyway) is not legitimate. In this day and age, no passwords should be stored in plaintext.

OpenBSD does this as well (0)

Anonymous Coward | about 7 months ago | (#45829115)

# cat /etc/hostname.iwn0

nwid attwifi
wpakey P@ssW0Rd
dhcp

The solution is to encrypt your hard drive.

"NetworkManager" (-1, Troll)

Gothmolly (148874) | about 7 months ago | (#45829117)

If you are lame enough to use a GUI, you're lame enough to fail.

This is what happens when you give people tools that they don't understand.

Wrong. The entire discussion is FUD. (1)

Giblet535 (3480751) | about 7 months ago | (#45829121)

Anyone who connects a GNU/Linux box via wireless network has no concern for security.

Nothing changes... (1)

Anonymous Coward | about 7 months ago | (#45829139)

The die hard Linux bunch will defend it to their deathbeds. If it was found that Windows was doing the same thing, they'd be lighting torches and sharpening the pitchforks. This is a serious security flaw. Not only does it expose passwords for people's home networks, but businesses and other institutions as well. I love Linux, use it on every laptop I have at home, which means there are several passwords stored on those machines. This is an issue that needs to be addressed and fixed. If disabling NetworkManager and enabling netctl accomplishes it, easy enough.

Reversible encryption (1)

gmuslera (3436) | about 7 months ago | (#45829149)

The password encryption must be reversible to be used, is not the computer that runs linux the one that must do the validation so can have the luxury of doing one-way encryption, the original password must be provided. The source code already includes how to decrypt that password, and if is salted or uses another information, all the needed information is stored there already. At most, you can do what is already being done by most if not all network managers, only giving access to it to the root user. If someone else have access to your computer with root access and the ability to see files/run programs, then would be easy to obtain it even if is encrypted, but capturing your wifi password won't be the worst that will happen in that scenario.

You're not still counting on WPA2? (1)

drinkypoo (153816) | about 7 months ago | (#45829165)

I'm using WPA2 to discourage anyone trolling for the most easily abused access points, but if were transmitting my .secret_plans_to_rule_the_world file, I'd be using ipsec as well — to a machine which does not allow any unencrypted connections.

gnome-keyring (0)

Anonymous Coward | about 7 months ago | (#45829171)

It uses gnome-keyring. All passwords are saved in the keyring. And if its not open a dialog popups to open it.

(For those who don't know, gnome-keyring encrypts everything).

Physical access gets wifi access. Okay. (2)

Rob the Bold (788862) | about 7 months ago | (#45829185)

I suppose in general that keeping "secret" things secret seems reasonable. After all, when you login to your wifi network (the first time) the password is usually masked to hide it from shoulder surfers. This does give users the impression that the data is also stored securely.

From a practical perspective, though, how much of a security risk is this?

From TFA:

So anyone who inserts a Live CD Linux distro into your laptop, can view your not-so-secret Wi-Fi password... or steal even more important data!

Wouldn't it be even easier if someone had access to your laptop to just use it then and there to access your network without rebooting, "stealing" your important data secured by nothing more than a wifi login? They're already in your home or office -- unless they stole your laptop while you were in the restroom at Starbucks -- they could also just plug their own laptop into your router or other network port and get the same thing, couldn't they? (As if your "sensitive documents" aren't just sitting there on the laptop unencrypted anyway.) Or just hang around in network range, sniffing packets and cracking your wifi encryption at their leisure? That wouldn't even require taking the risk of borrowing your computer and raising suspicioins.

So while storing any authentication data in plain text seems needlessly insecure and sloppy, relying on wifi passwords alone to protect sensitive data is an even worse idea to begin with.

so i hacked into myself on the 'net (0)

Anonymous Coward | about 7 months ago | (#45829189)

sounds gross but it's really nonsense i just wanted to see how i 'look' from out in the kingdumb. reminding myself how unexcitingl my dealings are helps me feel more secure? free the innocent stem cells.

Confirmed on a Debian 7.3 machine (1)

shtrom (1251560) | about 7 months ago | (#45829201)

USER@DEBIAN73:/etc$ cat /etc/debian_version
7.3
USER@DEBIAN73:/etc$ sudo grep -R WPAKEY *
[sudo] password for USER: :/etc$ cat /etc/debian_version
7.3
USER@DEBIAN73:/etc$ sudo grep -R WPAKEY *
[sudo] password for USER:
NetworkManager/system-connections/ESSID:psk=WPAKEY

This is a bit embarassing...

Now, can somebody with the WPA key of a network capture traffic to/from other stations?

Wi-Fi passwords are not security features (1)

Theatetus (521747) | about 7 months ago | (#45829209)

They're (weak) access control features. Secure at the transport level.

Re:Wi-Fi passwords are not security features (1)

KDN (3283) | about 7 months ago | (#45829379)

WPA2 with enterprise mode and AES transport is pretty secure, assuming the NSA hasn't FUBAR'ed AES. WEP and TKIP I would definitely put out to pasture.

It's FAR worse than that! (2)

PvtVoid (1252388) | about 7 months ago | (#45829293)

The reality is far, far worse. Even as a non-root user, if I click on the wireless connection icon on my desktop, select my network under Edit Connections, and click "Show Password", there it is, in pure plaintext!

Oh, NOES! If my desktop lets me have access to my own network password, where will it end? It might even let me access my own files! Then what? Human sacrifice, dogs and cats living together... mass hysteria!

Checked, not true. (0)

Anonymous Coward | about 7 months ago | (#45829301)

I'm running Ubuntu and using Network Manager. I checked the directory where the passwords are reported kept and found two things:
1. All the files in that directory are readable only by root. This means someone needs to have root access to your system (or phsycialy access to an unencrypted drive) to read the network profiles.

2. None of the files contained passwords for my wireless networks.

My conclusion is the article is A) wrong on multiple points and B) ignores that fact that if your box is already rooted than wireless passwords are the least of your worries.

No, it is not a problem (0)

Anonymous Coward | about 7 months ago | (#45829321)

And if you think it is, maybe you should read what Pidgin developers have to say about this. [pidgin.im] .

These yearly "$PROGRAM is storing my passwords in plain text! Won't somebody think of the children!" stories are very tiresome...

You need the plaintext password (1)

KDN (3283) | about 7 months ago | (#45829337)

If you are using the WPA with PSK (Pre Shared Key), you need the plain text pre shared key to generate the PMK (Pairwise Master Key). Once you have the PMK, you really don't need the pre shared key. But if you change the access point or change the NIC on your machine you will need it to generate the PMK over again. If you are concerned, go to WPA enterprise mode with the Radius challenge response.

Speaking of PSK security, you are using the mimimal PSK length of 20 (or was it 22?) characters to ensure security, right?

So what? (1)

Bert64 (520050) | about 7 months ago | (#45829349)

So you store the password in plain text, so what?
The password needs to be available in plain text form in order to be used, so even if you store it encrypted you must also store the key so that the system is able to retrieve it so at best all you do is make it slightly more difficult to extract the key.
For other systems there are freely available tools to extract the wifi keys anyway...

The only secure way to do it, is to encrypt the wifi key using the user's login password... MacOS can do this, but then your system won't connect to wireless until after you've logged in so this is a very uncommon configuration to use.

Stored Credentials are bad (1)

mlwmohawk (801821) | about 7 months ago | (#45829351)

As bad as it sounds, NetworkManager is probably doing almost the right thing. There is no way to safely encrypt a password so that it may be used for access to another system without requiring another password.The only thing that you can do is use the permission structure of the OS to protect the password. (As they have done)

Now, they could have "scrambled" or encrypted the password with a known key. That will prevent the slim chance that a "casual" intruder with root access will get your password, however, any moderately intent intruder who can gain root access will, by design, be able to reverse the password mutation. You can't MD5 or SHA the passwords because you *need* them to gain access to the external system.

I had this fight at a company a while back about accessing Windows servers and storing their credentials, I ended up base64 the creds into a database row or an encrypted database. You needed a password to open the database, so they were safe, but management didn't want to be able to "see" the password once they did. It wasn't real security, but it shut them up.

NetworkManager needs to do something similarly stupid so that stupid people don't say stupid things about a stupid problem. If you can't trust your computer to store your password, then don't trust your computer to store your password. duh!

NetworkMangler (1)

DaveAtFraud (460127) | about 7 months ago | (#45829361)

I removed NetworkMangler from all my systems except my laptop. It does come in handy when connecting to WiFi hotspots when I'm not at home. Keeping it on a server with a static network connection is just inviting trouble.

Cheers,
Dave

Adequate monitoring (0)

Anonymous Coward | about 7 months ago | (#45829373)

One does not require passwords, encrypted disks, or other pseudo-unbreakable crypto keys.

As long as one has enough adequate monitoring in place!!!

[wdw]

Only readable by root on my Debian Stable pc (3, Informative)

mrflash818 (226638) | about 7 months ago | (#45829423)

Only readable by root on my Debian Stable workstation:

robert@debian:/etc/NetworkManager/system-connections$ ls -latr
total 16
drwxr-xr-x 5 root root 4096 May 20 2013 ..
-rw------- 1 root root 329 May 21 2013 geophile.net
-rw------- 1 root root 399 Jul 4 13:22 Auto geophile.net
drwxr-xr-x 2 root root 4096 Jul 4 13:22 .
robert@debian:/etc/NetworkManager/system-connections$ cat geophile.net
cat: geophile.net: Permission denied
robert@debian:/etc/NetworkManager/system-connections$

I know and I don't care (1)

Sam36 (1065410) | about 7 months ago | (#45829459)

I know it is in plain text, and I don't care.

netctl doesn't encrypt it either (2)

SteveAyre (209812) | about 7 months ago | (#45829491)

That 'encrypted' key is no such thing. The passphrase you enter is used as input to a key-derivation algorithm. The value stored by netctl is the output of that algorithm. The interesting thing is that you can use that passphrase *as* the password too. So netctl is no more secure than NetworkManager storing it in a file on disk. The only thing it protects is someone knowing that the passphrase is BatteryHorseStaple - it doesn't protect your network at all.

The configuration file's permissions are sufficient to hide it from other users but not from physical access, as TFA notes you can encrypt your disk to protect that.

Or use a keyring, which NetworkManager does support. That will store it truly encrypted. The configuration files are just a simple fallback mechanism for when that isn't available.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...