Talk:Session Restore: Difference between revisions

Jump to navigation Jump to search

Talk:Session Restore (view source)

Revision as of 16:59, 30 March 2006

10 bytes added ,  30 March 2006
m
→‎Security of saved data
Line 18: Line 18:
# When a new session backup is made, FF creates a random 256 bit key, encrypts the backup with that, and saves the new backup timestamp/decryption key pair for future use.
# When a new session backup is made, FF creates a random 256 bit key, encrypts the backup with that, and saves the new backup timestamp/decryption key pair for future use.
# When the backup is confirmed saved, then if there are more than <n> backups held, the file and key for the oldest one(s) are deleted.
# When the backup is confirmed saved, then if there are more than <n> backups held, the file and key for the oldest one(s) are deleted.
# If the key file ID and key are held in a place the user can see, there is code to prevent copy or pasting of that data.
# If the key file ID and key are held in a place the user can see within FF, there is code to prevent copy or pasting of that data.


I don't think you can do much better. Any code FF used to access the saved states on restart could be emulated by a rogue user or software. What this does is ensure that the files by themselves are harmless, that one key (if obtained)  does not give access to any older backed up session files, and that a user cannot just copy and use the key to open a file. Any better security would require a user password on starting FF or similar, as well as all FF saved data and cache to be encrypted; it can't easily be done by FF alone.
I don't think you can do much better. Any code FF used to access the saved states on restart could be emulated by a rogue user or software. What this does is ensure that the files by themselves are harmless, that one key (if obtained)  does not give access to any older backed up session files, and that a user cannot just copy and use the key to open a file. Any better security would require a user password on starting FF or similar, as well as all FF saved data and cache to be encrypted; it can't easily be done by FF alone.
Foxxen2
30

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/23189"

Navigation menu