Privacy and passwords

Donald Allen donaldcallen at gmail.com
Wed Mar 5 12:42:05 EST 2008 

On Wed, Mar 5, 2008 at 11:46 AM, Charles Day <cedayiv at gmail.com> wrote:
> On Wed, Mar 5, 2008 at 7:40 AM, Keith A. Milner <kamilner at superlative.org>
>  wrote:
>
>  > On Wednesday 05 March 2008 13:47:51 Alpár Jüttner wrote:
>  > >
>  > > And would make it more dangerous at the same time. As is were pointed in
>  > > this thread, such a feature would only give a false feeling of security.
>  > >
>  > > Think of the simple situation when your kid accidentally delete your
>  > > file. Maybe all of them. Will any kind of encryption protect your
>  > > important data? A separated account will protect you against this kind
>  > > of accidents with no effort. In fact, it protects _all_  your data with
>  > > a single setup.
>  >
>  > I agree.
>  >
>  > Complaining that Gnucash doesn't have a simple password when you don't
>  > even
>  > use account-level security is a bit like leaving your house front door
>  > wide
>  > open and then complaining there's not enough police on patrol to prevent
>  > it
>  > being burgled.
>  >
>
>  Windows may allow separate accounts, they are really only to keep personal
>  preferences and files from commingling. Even with separate accounts,
>  user-level file protection isn't turned on by default. And even when turned
>  on, the files are not encrypted and anyone with a bootable CD can see
>  whatever they like. That's why products like Quicken and Money encrypt and
>  password-protect their files. It's not irrelevant or valueless.
>
>  Even Linux can have security issues with browser exploits, privilege
>  escalation, and so on. An additional layer of protection beyond what the OS
>  provides is useful. Even root access from a bootable CD wouldn't let you
>  decrypt Quicken's data file. You have to beat the decryption or attack
>  unencrypted parts of the OS (swap files, perhaps).
>
>  That said, a password feature that didn't also include encryption is purely
>  theater, and would only stop the nosy and incompetent. Even though that's no
>  small population, I don't think theater is worth pursuing, for the same
>  reasons most of you have expressed.

I actually agree with the  post that started this thread that putting
an easy-to-implement impediment between his gnucash file and the
non-technical-but-nosy is reasonable. He acknowledged in that first
post that he understood that there was much more to real security than
what he was asking for and he explicitly said he wasn't trying to
solve the whole problem. So I don't think lecturing him about security
was necessary. And you, Charles, are certainly correct that Windows
doesn't protect the files of individual accounts by default. But it
*does* have a full permissioning system and if the gentleman wanted to
erect the afore-mentioned impediment, that could be done fairly easily
in Windows (though not as easily as in Linux) *if* he had a Windows
account separate from other members of his family. Therefore, I agree
with those who have objected to his asking the gnucash developers to
solve a problem that he could pretty easily solve himself.

I also don't see anything wrong with the way the gnucash developers
are making their choices. Their time is a scarce resource, they are
not being paid for what they do, and nonetheless they've provided us
with a fine piece of software, gratis. So none of us non-developers
are in a position to be saying "you should be working on what *I*
want, not what *you* want". And while I think this discussion may have
gotten off track in spots (though it was certainly interesting), the
outcome seems reasonable to me: if gnucash doesn't do what you want
and you don't like the developers' priorities, either don't use the
software, or contribute code that implements what you want, though I
think the core developers should have every right to reject the code,
if they don't feel it is gnucash-worthy for whatever reason -- the
rejected code can always be used in a private version.

/Don


>
>  Cheers,
>  Charles
>
>
>  > Cheers,
>  >
>  > --
>  > Keith A. Milner
>  > _______________________________________________
>  > gnucash-user mailing list
>  > gnucash-user at gnucash.org
>  > https://lists.gnucash.org/mailman/listinfo/gnucash-user
>  > -----
>  > Please remember to CC this list on all your replies.
>  > You can do this by using Reply-To-List or Reply-All.
>  >
>  _______________________________________________
>  gnucash-user mailing list
>  gnucash-user at gnucash.org
>  https://lists.gnucash.org/mailman/listinfo/gnucash-user
>  -----
>  Please remember to CC this list on all your replies.
>  You can do this by using Reply-To-List or Reply-All.
>

More information about the gnucash-user mailing list