On Fri, 11 Jun 2021, William Herrin wrote:
> On Fri, Jun 11, 2021 at 9:42 AM César de Tassis Filho
> <ctassisf@gmail.com> wrote:
>> Google does not have access to your plain-text passwords in either case.
>
> If they can display the plain text passwords to me on my screen in a
> non-Google web browser then they have access to my plain text
> passwords. Everything else is semantics.
Untrue. If you have a key on your computer, such as was mentioned that
the Google key may be stored locally in the MacOS Keychain, and you unlock
your MacOS Keychain with your local laptop login password, which is also
stored on an encrypted disk volume, that does not mean those passwords
have left your computer in plain text, or that Google has this key that
lives in your keychain.
I agree, if they do, that's terrible. But I haven't seen any evidence that
they do.
However, if the password is entered on one device (Android device, for example,
as mentioned in the original post), and then is visible in clear-text on a different
browser on a different device (laptop, for example, again, from the original post),
then clearly the password has left the original device in a form which is reversible
to the original clear text. You can argue that it may be stored "in the cloud" in
encrypted form; but it's clearly being stored in a manner which can be reversed
to gain access to the original clear text, and using a key which is known to both
devices involved, and to the cloud system validating that authentication.
This isn't about seeing the passwords in clear text on the same device
upon which they were entered; this is about a *separate* device having
visible access to the clear text of a password that was not entered via
that device.
If the laptop had required Bill to enter a decryption key first in order to
see the clear text, and that decryption key was one he had manually
configured on both devices, stored only locally on each device, then
you might be able to argue that the cloud never has visibility into the
passwords; but if the keys are encrypted using a gmail login credential,
which is itself stored and verified within the same cloud environment as
the encrypted password strings it is protecting, then your two factor
security has collapsed back down into a single point of compromise;
compromise the google password, and you have access to all the
passwords that were uploaded and stored in the system unbeknownst
to the user.
That's the part that would leave me concerned.
Having my email password compromised?
That's a bit of a "meh" moment.
Suddenly discovering that one password now gave access to
potentially all my financial accounts as well?
That's a wake up in the night with cold sweats moment. :(
Matt