This is a community wiki. I would really like other folk's thoughts on this. I do not want to discuss the ethics of storing plain text passwords either.
For those unfamiliar, libpurple is the library used by Pidgin, and when you choose to save your passwords, it does so as plain text under ~/.purple/accounts.xml.
The reasoning behind this is that if someone can access your user account, you have bigger problems to worry about, among other valid points.
My main worry is that I use my gmail account in Pidgin, and so my gmail password is stored in plain text. Access to someone's email means access to 90% of their other accounts, via password recovery features on most sites. Eeek.
Consider that...
- My /home is encrypted, if someone gets physical access to the drive
- I always lock my system when I walk away
- I'm sensible about installing unofficial packages
- Any application I run in userland has access to my user files
How safe is this really? Are there any other threats that could potentially access accounts.xml?
Update
Thanks for the replies! So far have:
- Manage your firewall
- Use applications that store sensitive info securely (ie via Gnome Keyring)
- Use strong passwords and keep your system updated
- Symlink sensitive files from an encrypted ~/Private directory
I'm happy that my data is safe in case of theft. I'm more worried about some process crafted to target these unsecured files. Then again the nature of open source software makes it difficult for malicious apps, as public code review will expose the malicious code.
If you you can think of any other vectors through which these account details could be accessed, I'd like to hear them :)
For the most part if anyone has physical access to the machine security is null and void. As for "other users" if they are not trying to access the files and might just stumble into it just set the permissions on your home folder so no one else has any access except you.
As far as security over a network I find it hard to believe someone would get into your personal files unless you carelessly leave ports open. If you are concerned use Gufw to manage your firewall. You can also check from this website if you have security holes of some kind: https://www.grc.com/x/ne.dll?bh0bkyd2
Also you can read this security overview on the Ubuntu forums: http://ubuntuforums.org/showthread.php?t=510812
I hope this can be of help to you!
So your concern is application that store sensitive data in clear text. Here are a few suggestions:
I generally create an encrypted Private directory and move pidgin config and any other more dangerous information (.ssh, etc) into ~/Private. I then create symlinks for the directories in their original locations. To create an encrypted Private directory, use
You may need to install a package as well:
See the this for more details
If your /home is encrypted, then the only way that the password can be recovered is by unencrypting it, which the only way to do this (unless you have a very large server farm and a lot of time) is to use the password. This could be bruteforced in time, so make sure it is a very strong password.
So, all in all, that is pretty secure. I personally would be happy to keep my gmail password in an encrypted /home directory.