Privacy and passwords
Charles Day
cedayiv at gmail.com
Sun Mar 2 12:44:22 EST 2008
On Sat, Mar 1, 2008 at 12:08 PM, Davey Jones <davidkjones03 at googlemail.com>
wrote:
> Having done a search of the archives, I'm still not clear why there is
> is such a huge philosophical objection from the devs to implementing a
> simple password feature for Gnucash.
>
I was involved in a discussion of the same topic in November/December. (To
skip the beginning bits, begin reading
here<https://lists.gnucash.org/pipermail/gnucash-user/2007-December/022683.html>.)
For the XML backend, I think the conclusion was that the previously
expressed philosophical objections were not an issue provided that all the
crypo stuff could be implemented through a well-known and maintained
open-source library, so that GnuCash would only need to do a few simple API
calls. However, due to lack of resources and the higher priority given to
bug fixes and other enhancements, implementing a password feature for the
XML file is unlikely anytime soon. That was the conclusion reached, at least
as I understood it.
However, there are a number of developers currently working very hard on
adding the option of using a database of your choice as the backend for
GnuCash (rather than an XML file). When these efforts are completed, it
should be fairly simple to integrate any encryption and password protection
functionality provided by the database software.
Cheers,
Charles
The alternatives mentioned by the devs, such as using pgp, are not
> particularly practical or user friendly for the majority of
> non-technical lay users. Even suggestions to use a separate OS user
> account for each person who uses the computer does not fit in with the
> real world usage where mom, pop, the kids and and their friends all
> use the same OS account on the computer.
>
> All most people want is a simple privacy feature that asks for a
> password on startup to open the data file. This would not need to be a
> complex uncrackable crytpotgraphic subroutine - just something simple
> that will discourage casual nosy parkers. Most people seeing the
> gnucash icon on the desktop and clicking it out of curiosity would see
> the request for a password and not go any further.
>
> Sure, it wouldn't discourage any 1337 hackers, but for stopping your
> spouse or a guest from casually browsing through your personal
> financial records, this would be an more than sufficient. For Gnucash
> to become a mainstream alternative to Quicken and Microsoft Money,
> this feature is vital.
>
> So come on, devs. Why not?
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
>
More information about the gnucash-user
mailing list