Privacy and passwords

Charles Day cedayiv at gmail.com
Wed Mar 5 11:46:08 EST 2008 

On Wed, Mar 5, 2008 at 7:40 AM, Keith A. Milner <kamilner at superlative.org>
wrote:

> On Wednesday 05 March 2008 13:47:51 Alpár Jüttner wrote:
> >
> > And would make it more dangerous at the same time. As is were pointed in
> > this thread, such a feature would only give a false feeling of security.
> >
> > Think of the simple situation when your kid accidentally delete your
> > file. Maybe all of them. Will any kind of encryption protect your
> > important data? A separated account will protect you against this kind
> > of accidents with no effort. In fact, it protects _all_  your data with
> > a single setup.
>
> I agree.
>
> Complaining that Gnucash doesn't have a simple password when you don't
> even
> use account-level security is a bit like leaving your house front door
> wide
> open and then complaining there's not enough police on patrol to prevent
> it
> being burgled.
>

Windows may allow separate accounts, they are really only to keep personal
preferences and files from commingling. Even with separate accounts,
user-level file protection isn't turned on by default. And even when turned
on, the files are not encrypted and anyone with a bootable CD can see
whatever they like. That's why products like Quicken and Money encrypt and
password-protect their files. It's not irrelevant or valueless.

Even Linux can have security issues with browser exploits, privilege
escalation, and so on. An additional layer of protection beyond what the OS
provides is useful. Even root access from a bootable CD wouldn't let you
decrypt Quicken's data file. You have to beat the decryption or attack
unencrypted parts of the OS (swap files, perhaps).

That said, a password feature that didn't also include encryption is purely
theater, and would only stop the nosy and incompetent. Even though that's no
small population, I don't think theater is worth pursuing, for the same
reasons most of you have expressed.

Cheers,
Charles


> Cheers,
>
> --
> Keith A. Milner
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
>

More information about the gnucash-user mailing list