MotazArshiedFirstEssay 11 - 31 Dec 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
| | The Risks I Have Entered Myself Into | |
< < | According to Chrome's latest extension in the respect of passwords, Passwords Checkup, my password manager stores information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. It is pretty shameful. However, people assume that provided with this information a user can be reassured of his safety. I argue the opposite. | > > | According to Chrome's latest extension in the respect of passwords, Passwords Checkup, my password manager stores information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. It is pretty shameful. However, people assume that provided with this information a user can be reassured of his safety. | | | |
< < | Because of the master password idea of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted and from what I have researched, Google's passwords manager is far from secure. Untrue to their own claim that passwords manager stores the info in Google's servers, Chrome actually stores this info in SQLite database file in the user profile directory. By my amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense that this is not safe nor secure. | > > | However theoretically, as a result of the master password concept of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted. Therefore, in order to understand whether a risk exist, and the magnitude of it, one needs to familiarize himself with the tech behind Google’s password manager. | | | |
< < | | > > | Untrue to their own claim that passwords manager stores the info in Google's servers, Chrome actually stores this info in SQLite database file in the user profile directory. SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. The database does not contain the decryption key for the passwords in it, for the passwords are stored in encrypted form, thus creating an obstacle for one who tries to hack the database in search of passwords. | | | |
< < | Actually, this is not a security problem. SQLite is free software that is in everything, as you might expect. You got the feature description from the website, so you see that it's a component that helps all sorts of software systems by providing basic database functionality that is strong and in all senses free. But the places.sqlite database managed by your browser (by pretty much all browsers, in fact) doesn't have the decryption key for your passwords in it. The passwords are stored in encrypted form in the database SQLite manages: "attacking" the database cannot compromise the password. | > > | With that being described, this idea of convenience that I unreluctantly enslaved myself for has surely created my exposure to not only my private emails, conversations, files and etc., but also my very own property, especially my financial assets (e.g. my online banking password). | | | |
< < |
Thus potentially, any user to this database file can make modifications and access my personal data.
This idea of convenience that I unreluctantly enslaved myself for has exposed not only my private emails, conversations, files and etc. to outside threats, but also my very own property, especially my financial assets. Currently, these financial assets surround around my tuition payment and as a student sponsored by a full scholarship, who's in charge of utilizing the sum granted towards academic-financial duties, I became terrified. The claws of anyone smart enough to hack Chrome's database can reach the throat of all of my achievements, regardless of how much Chrome is trying to reassure me that my information has not been compromised. | > > | Currently, these financial assets surround around my tuition payment and as a scholarship sponsored student, who's in charge of utilizing the sum granted towards academic-financial obligations, I am terrified. What will happen if one day the machine will refuse my login? What will happen if it refuses my login on a holiday time, with no other services than online ones? Clearly, these questions intensify in problematic scenarios of banking fraud or unauthorized withdraws. | | Not less importantly, I have risked my own human control of my very own interests, connections, achievements and life through the instrument of the web. This conclusion led me to ask a final question: how do I take control back? In other, more subjective words, how could I redefine "convenience"? | | As can be inferred from the above, I have been contemplating with this idea and theme for a while. However, unlike the previous sections, this part was rather unclear for me to write - until our latest lecture when Prof. Moglen analogized nowadays and futuristic technology's convenience as "stuff our mothers used to do for us". Applying this idea here was natural for me: obviously my mother used to systematically remind me of important matters in my daily life, just as important as my current passwords and in the same systematic manner passwords manager does. Therefore, in the spirit of reminiscing of simpler times, I began second thinking.
| |
< < | The first-second thought I had was copying passwords manager's information, before permanently deleting it, to a notebook or other non web-connected instrument that I usually carry with me, such as a calendar or a professional notebook. There is a clear disadvantage of losing the digital comfort in this thought but I believe that overtime it will transform into a satisfying feeling of regaining human control over life.
The second-second thought I had was to disconnect from most of these platforms entirely. The fear of missing out is truly real when it comes to social media but is it too naive to think that if one maintains his desirable relationships steadily instead of superficially liking and commenting virtually, the FOMO would be neutralized?
On the other hand, there are some services I most likely won't (and can't) disconnect from (Faculty services, financial apps and Twiki for example), which leads me thinking that these kind of passwords for these platforms will have to be stored manually by me. | > > | The first-second thought I had was copying passwords manager's information, before permanently deleting it, to a notebook or other non-web connected instrument that I usually carry with me, such as a calendar or a notebook. There is the clear disadvantage of losing the digital comfort however I believe that overtime it will transform into a satisfying feeling of regaining human control. | | | |
< < | So you might want to
think a little bit about how to make memorable and more secure
passphrases than the "one letter in each case, one number, one
punctuation mark" nonsense people are mostly taught to follow.
Investigate passphrases. Find an XKCD cartoon on the subject, which
will prove memorable for you and introduce you to XKCD. That will
help you figure out what best practices really are, and when you are using them, your security will immediately improve.
| > > | The second-second thought I had was to disconnect from most of these platforms entirely. While contemplating over this thought I reckoned that the disconnection will have negative outcomes, especially on the social side. These outcomes can be avoided if I recreate my important passwords by using practices that will improve my security. For example, customizing my password with common letters, acronyms and elements (for example, instead of “MyPassword” one can write “My_Pa$$wrd”). These simple techniques can solve my passwords dilemma and render me some serenity in the chaos of the technology era. | |
|
|
MotazArshiedFirstEssay 9 - 25 Nov 2019 - Main.EbenMoglen
|
|
META TOPICPARENT | name="FirstEssay" |
| |
< < | It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | | How I Enslaved Myself With Google's Passwords Manager | | Because of the master password idea of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted and from what I have researched, Google's passwords manager is far from secure. Untrue to their own claim that passwords manager stores the info in Google's servers, Chrome actually stores this info in SQLite database file in the user profile directory. By my amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense that this is not safe nor secure. | |
> > |
Actually, this is not a security problem. SQLite is free software that is in everything, as you might expect. You got the feature description from the website, so you see that it's a component that helps all sorts of software systems by providing basic database functionality that is strong and in all senses free. But the places.sqlite database managed by your browser (by pretty much all browsers, in fact) doesn't have the decryption key for your passwords in it. The passwords are stored in encrypted form in the database SQLite manages: "attacking" the database cannot compromise the password.
| | Thus potentially, any user to this database file can make modifications and access my personal data.
This idea of convenience that I unreluctantly enslaved myself for has exposed not only my private emails, conversations, files and etc. to outside threats, but also my very own property, especially my financial assets. Currently, these financial assets surround around my tuition payment and as a student sponsored by a full scholarship, who's in charge of utilizing the sum granted towards academic-financial duties, I became terrified. The claws of anyone smart enough to hack Chrome's database can reach the throat of all of my achievements, regardless of how much Chrome is trying to reassure me that my information has not been compromised. | | The second-second thought I had was to disconnect from most of these platforms entirely. The fear of missing out is truly real when it comes to social media but is it too naive to think that if one maintains his desirable relationships steadily instead of superficially liking and commenting virtually, the FOMO would be neutralized?
On the other hand, there are some services I most likely won't (and can't) disconnect from (Faculty services, financial apps and Twiki for example), which leads me thinking that these kind of passwords for these platforms will have to be stored manually by me. | |
> > | So you might want to
think a little bit about how to make memorable and more secure
passphrases than the "one letter in each case, one number, one
punctuation mark" nonsense people are mostly taught to follow.
Investigate passphrases. Find an XKCD cartoon on the subject, which
will prove memorable for you and introduce you to XKCD. That will
help you figure out what best practices really are, and when you are using them, your security will immediately improve.
| |
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. |
|
MotazArshiedFirstEssay 8 - 11 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | |
< < | How Have I Enslaved Myself With Google's Passwords Manager | > > | How I Enslaved Myself With Google's Passwords Manager | | -- By MotazArshied - 07 Oct 2019
That Night Google Convinced Me to Register for this Course | |
< < | Passwords manager was introduced to help generating and retrieving our passwords, usually by storing those passwords in an encrypted database. If you use Google Chrome's passwords manager, as I shamefully do, then the method your passwords are being saved by Chrome is depending on whether you want to store and use them across devices. Turns out that is exactly what I systematically did without understanding the potential repercussions. | > > | Passwords manager was introduced to help generating and retrieving our passwords, usually by storing those passwords in an encrypted database. If you use Google Chrome's passwords manager, as I shamefully do, then the method your passwords are being saved by Chrome is depending on whether you want to store and use them across devices. Turns out this is exactly how I systematically acted without understanding the potential repercussions. | | After arriving in Manhattan Island, and just before the beginning of fall term, I decided to purchase my first ever MacBook.
So, I went on to visit that famous glass cubicle building near Lincoln Center and when I returned home, with a heavy bag and a much lighter pocket, I started setting up my new device. | |
< < | One of the first actions I took was to install Google Chrome browser and log onto my Google account. after doing that, I prepared myself for the exhausting process of re-log onto all of my other accounts (social media, student account, governmental and professional services, financial and etc.). It is sufficed to say that many of those accounts contain sensitive information, but Google went on anyway and automatically retrieved all of my passwords for those accounts, one after the other, re-entering all of my information instantly. The morning after I registered for this course. | > > | One of the first actions I took was to install Google Chrome browser and log onto my Google account, while preparing myself for the exhausting process of re-log onto all of my other accounts (social media, student account, governmental and professional services, financial and etc.). It is sufficed to say that many of those accounts contain sensitive information, but Google went on anyway and automatically retrieved all of my passwords for those accounts, one after the other, re-entering all of my information instantly. The morning after I registered for this course. | | Explaining Password Manager
"A password should contain at least one letter, one number, one special character..." and on and on it goes! | |
< < | We all been through it and it seems like the majority of us have created endless variations of personal passwords. By seeking to remedy this complex, inconvenient nowadays reality situation, passwords manager is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember "only" one master password in order to decrypt the passwords manager database.
The passwords manager stores full URLs next to the stored passwords and it does not log on automatically to those browsers, presumably out of creating another safety layer. | > > | We all been through it and it seems like the majority of us have created endless variations of personal passwords. Seeking to remedy this complex, inconvenient nowadays-reality situation, a software was created and called passwords manager, which relies on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember "only" one master password in order to decrypt the passwords manager database.
The passwords manager stores full URLs next to the stored passwords and it does not log on automatically to those browsers, presumably in sake of creating another safety layer. | |
The Risks I Have Entered Myself Into | |
< < | According to Chrome's latest extension in the respect of passwords, Passwords Checkup, my password manager stores information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. What a shame. However, one might say that provided with this information a user can be reassured of his safety. I argue the opposite.
Because of the master password idea of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted and from what I have researched, Google's passwords manager is not secure.
Untrue to their own claim that passwords manager stores the info in Google's servers, Google Chrome actually stores this info in SQLite database file in the user profile directory. By my modest and amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense that this is not safe nor secure. | > > | According to Chrome's latest extension in the respect of passwords, Passwords Checkup, my password manager stores information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. It is pretty shameful. However, people assume that provided with this information a user can be reassured of his safety. I argue the opposite.
Because of the master password idea of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted and from what I have researched, Google's passwords manager is far from secure. Untrue to their own claim that passwords manager stores the info in Google's servers, Chrome actually stores this info in SQLite database file in the user profile directory. By my amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense that this is not safe nor secure. | | Thus potentially, any user to this database file can make modifications and access my personal data.
| |
< < | This idea of convenience that I unreluctantly enslaved myself for has exposed not only my private emails, conversations, files and etc. to outside threats, but also my very own property, especially my financial assets. To add on top of that lately these financial transactions surround around the fact I am a student sponsored by a full scholarship, who's in charge of utilizing the sum granted towards academic-financial duties, terrified me immensely. This situation has compromised my right of privacy and property, regardless of how much Google's are trying to reassure me that my information has not been compromised. | > > | This idea of convenience that I unreluctantly enslaved myself for has exposed not only my private emails, conversations, files and etc. to outside threats, but also my very own property, especially my financial assets. Currently, these financial assets surround around my tuition payment and as a student sponsored by a full scholarship, who's in charge of utilizing the sum granted towards academic-financial duties, I became terrified. The claws of anyone smart enough to hack Chrome's database can reach the throat of all of my achievements, regardless of how much Chrome is trying to reassure me that my information has not been compromised. | | | |
< < | Moreover, I have risked my own human control of my very own interests, connections, achievements and life through the instrument of the web. Like a lost captain in sea, I have let go of the wheel of my own ship at the brink of it being devoured by the sea I falsely trusted to lead it to safety shore. Thus, remains only the question: how do I take the wheel back? In other, more subjective words, how could I redefine "convenience"? | > > | Not less importantly, I have risked my own human control of my very own interests, connections, achievements and life through the instrument of the web. This conclusion led me to ask a final question: how do I take control back? In other, more subjective words, how could I redefine "convenience"? | | Reflecting Upon My Indifferent Behavior
Second Thoughts | |
< < | The first second thought I had is deleting passwords manager and keeping that information in a notebook or other non web-connected instrument that I usually carry with me, such as a calendar or a professional notebook. There is a clear disadvantage of digital comfort in this thought but I believe that overtime it will transform into a satisfying feeling of regaining human control over my life. | > > | As can be inferred from the above, I have been contemplating with this idea and theme for a while. However, unlike the previous sections, this part was rather unclear for me to write - until our latest lecture when Prof. Moglen analogized nowadays and futuristic technology's convenience as "stuff our mothers used to do for us". Applying this idea here was natural for me: obviously my mother used to systematically remind me of important matters in my daily life, just as important as my current passwords and in the same systematic manner passwords manager does. Therefore, in the spirit of reminiscing of simpler times, I began second thinking. | | | |
< < | The second second thought I had was to disconnect from most of these platforms anyway. The fear of missing out is truly real when it comes to social media but if one maintains his desirable relationships constantly instead of liking and commenting virtually, the FOMO should be neutralized. On the other hand, there are some services I most likely won't disconnect from (Faculty services, financial apps and Twiki for example). I believe these kind of platforms, will be used according to my first second thought. | > > | The first-second thought I had was copying passwords manager's information, before permanently deleting it, to a notebook or other non web-connected instrument that I usually carry with me, such as a calendar or a professional notebook. There is a clear disadvantage of losing the digital comfort in this thought but I believe that overtime it will transform into a satisfying feeling of regaining human control over life. | | | |
< < | Awareness Resolutions | > > | The second-second thought I had was to disconnect from most of these platforms entirely. The fear of missing out is truly real when it comes to social media but is it too naive to think that if one maintains his desirable relationships steadily instead of superficially liking and commenting virtually, the FOMO would be neutralized?
On the other hand, there are some services I most likely won't (and can't) disconnect from (Faculty services, financial apps and Twiki for example), which leads me thinking that these kind of passwords for these platforms will have to be stored manually by me. | |
|
|
MotazArshiedFirstEssay 7 - 10 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | | Passwords manager was introduced to help generating and retrieving our passwords, usually by storing those passwords in an encrypted database. If you use Google Chrome's passwords manager, as I shamefully do, then the method your passwords are being saved by Chrome is depending on whether you want to store and use them across devices. Turns out that is exactly what I systematically did without understanding the potential repercussions. | |
< < | After arriving in Manhattan Island, and just before the beginning of fall term, I decided to purchase a my first ever MacBook. So I went on to visit that famous glass cubicle building near Lincoln Center and when I returned home with a heavy bag and a much lighter pocket, I started setting up my new device. | > > | After arriving in Manhattan Island, and just before the beginning of fall term, I decided to purchase my first ever MacBook.
So, I went on to visit that famous glass cubicle building near Lincoln Center and when I returned home, with a heavy bag and a much lighter pocket, I started setting up my new device. | | | |
< < | One of the first actions I took was to install Google Chrome browser and log onto my Google account. after doing that, I prepared myself for the exhausting process of re-log onto all of my other accounts (social media, student account, governmental and professional services, financial and etc.). It is suffice to say that many of those accounts contain sensitive information, but Google went on anyway and automatically logged onto all of those, retrieving my passwords one after the other and entering all of my information instantly. The morning after I registered for this course. | > > | One of the first actions I took was to install Google Chrome browser and log onto my Google account. after doing that, I prepared myself for the exhausting process of re-log onto all of my other accounts (social media, student account, governmental and professional services, financial and etc.). It is sufficed to say that many of those accounts contain sensitive information, but Google went on anyway and automatically retrieved all of my passwords for those accounts, one after the other, re-entering all of my information instantly. The morning after I registered for this course. | | Explaining Password Manager
"A password should contain at least one letter, one number, one special character..." and on and on it goes! | |
< < | We all been through it and it seems everyone created endless variations of personal passwords. Passwords manager seeks to put an end to this situation. It is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember one master password in order to decrypt the passwords manager database.
The passwords manager stores full URLs next to the stored passwords and it does not log in automatically to those browsers, presumably out of creating another safety layer. | > > | We all been through it and it seems like the majority of us have created endless variations of personal passwords. By seeking to remedy this complex, inconvenient nowadays reality situation, passwords manager is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember "only" one master password in order to decrypt the passwords manager database.
The passwords manager stores full URLs next to the stored passwords and it does not log on automatically to those browsers, presumably out of creating another safety layer. | |
The Risks I Have Entered Myself Into | |
< < | According to my password manager, it contains password information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. What a shame. However, one might say that provided with this information a user can be reassured of his safety. I argue the opposite. | > > | According to Chrome's latest extension in the respect of passwords, Passwords Checkup, my password manager stores information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. What a shame. However, one might say that provided with this information a user can be reassured of his safety. I argue the opposite. | | Because of the master password idea of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted and from what I have researched, Google's passwords manager is not secure. | |
< < | Untrue to their own claim that my passwords manager stores the info in Google's servers, Google Chrome stores my info in SQLite database file in the user profile directory. By my modest and amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense this isn't safe nor secure.
Thus, any user to this database file can make modifications and access my personal data. | > > | Untrue to their own claim that passwords manager stores the info in Google's servers, Google Chrome actually stores this info in SQLite database file in the user profile directory. By my modest and amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense that this is not safe nor secure. | | | |
> > | Thus potentially, any user to this database file can make modifications and access my personal data. | | | |
< < | My Fundamental & Constitutional Rights of Privacy and Property Could Be Easily Violated | > > | This idea of convenience that I unreluctantly enslaved myself for has exposed not only my private emails, conversations, files and etc. to outside threats, but also my very own property, especially my financial assets. To add on top of that lately these financial transactions surround around the fact I am a student sponsored by a full scholarship, who's in charge of utilizing the sum granted towards academic-financial duties, terrified me immensely. This situation has compromised my right of privacy and property, regardless of how much Google's are trying to reassure me that my information has not been compromised. | | | |
< < | BRIEFLY: The Studies and Tests Performed on Google Passwords Manager
Legal Remedies? | > > | Moreover, I have risked my own human control of my very own interests, connections, achievements and life through the instrument of the web. Like a lost captain in sea, I have let go of the wheel of my own ship at the brink of it being devoured by the sea I falsely trusted to lead it to safety shore. Thus, remains only the question: how do I take the wheel back? In other, more subjective words, how could I redefine "convenience"? | | Reflecting Upon My Indifferent Behavior
Second Thoughts | |
> > | The first second thought I had is deleting passwords manager and keeping that information in a notebook or other non web-connected instrument that I usually carry with me, such as a calendar or a professional notebook. There is a clear disadvantage of digital comfort in this thought but I believe that overtime it will transform into a satisfying feeling of regaining human control over my life.
The second second thought I had was to disconnect from most of these platforms anyway. The fear of missing out is truly real when it comes to social media but if one maintains his desirable relationships constantly instead of liking and commenting virtually, the FOMO should be neutralized. On the other hand, there are some services I most likely won't disconnect from (Faculty services, financial apps and Twiki for example). I believe these kind of platforms, will be used according to my first second thought.
| | Awareness Resolutions |
|
MotazArshiedFirstEssay 6 - 10 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | | Explaining Password Manager
"A password should contain at least one letter, one number, one special character..." and on and on it goes! | |
< < | We all been through this and it seems everyone created endless variations of personal passwords. Passwords manager seeks to put an end to this situation. It is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember one master password in order to decrypt the passwords manager database. | > > | We all been through it and it seems everyone created endless variations of personal passwords. Passwords manager seeks to put an end to this situation. It is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember one master password in order to decrypt the passwords manager database. | | The passwords manager stores full URLs next to the stored passwords and it does not log in automatically to those browsers, presumably out of creating another safety layer. |
|
MotazArshiedFirstEssay 5 - 10 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | |
< < | How Have I Enslaved Myself With Google Passwords Service | > > | How Have I Enslaved Myself With Google's Passwords Manager | | -- By MotazArshied - 07 Oct 2019 | |
< < | When Google Convinced Me to Join The Course
passwords manager was introduced to help generating and retrieving our passwords, usually by storing those passwords in an encrypted database. If you use Google Chrome's Passwords Managers, as I shamefully do, then the way your passwords are being saved by Chrome is depending on whether you want to store and use them across devices. Turns out that is exactly what I chose to do in the past ands that is where the story of this course and I began: | > > | That Night Google Convinced Me to Register for this Course | | | |
< < | After arriving in Manhattan Island, and just before the beginning of fall term, I decided to purchase a new, shiny MacBook. I left my old Lenovo on the desk, a device which I have been intensively using during the past few years, and went on to visit that famous glass cubicle building near Lincoln Center. When I returned with a heavy bag and a much lighter pocket, I started setting up my new device. | > > | Passwords manager was introduced to help generating and retrieving our passwords, usually by storing those passwords in an encrypted database. If you use Google Chrome's passwords manager, as I shamefully do, then the method your passwords are being saved by Chrome is depending on whether you want to store and use them across devices. Turns out that is exactly what I systematically did without understanding the potential repercussions. | | | |
< < | One of the earliest actions I took was to install Google Chrome Browser and log into my Google account. Post doing that, I prepared myself for the exhausting process of re-login into all of my other accounts and platform services (social media, student account, governmental and professional services, financial accounts and etc.). It is suffice to say that many of those accounts contain sensitive information, but Google went on anyway and automatically logged into all of those, retrieving my passwords and entering all of my information instantly. The morning after I joined the waitlist for this course, which luckily, I was eventually enrolled into. | > > | After arriving in Manhattan Island, and just before the beginning of fall term, I decided to purchase a my first ever MacBook. So I went on to visit that famous glass cubicle building near Lincoln Center and when I returned home with a heavy bag and a much lighter pocket, I started setting up my new device.
One of the first actions I took was to install Google Chrome browser and log onto my Google account. after doing that, I prepared myself for the exhausting process of re-log onto all of my other accounts (social media, student account, governmental and professional services, financial and etc.). It is suffice to say that many of those accounts contain sensitive information, but Google went on anyway and automatically logged onto all of those, retrieving my passwords one after the other and entering all of my information instantly. The morning after I registered for this course. | | Explaining Password Manager | |
> > | | | "A password should contain at least one letter, one number, one special character..." and on and on it goes!
We all been through this and it seems everyone created endless variations of personal passwords. Passwords manager seeks to put an end to this situation. It is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember one master password in order to decrypt the passwords manager database.
The passwords manager stores full URLs next to the stored passwords and it does not log in automatically to those browsers, presumably out of creating another safety layer. | | The passwords manager stores full URLs next to the stored passwords and it does not log in automatically to those browsers, presumably out of creating another safety layer.
| |
> > | The Risks I Have Entered Myself Into | | | |
> > | According to my password manager, it contains password information of 68 different sites: 53 of these passwords are reused, 23 of these accounts are using weak passwords and there are no compromised passwords. What a shame. However, one might say that provided with this information a user can be reassured of his safety. I argue the opposite.
Because of the master password idea of passwords manager, if the database is insecure, then all the "advantages" that comes with it are wasted and from what I have researched, Google's passwords manager is not secure.
Untrue to their own claim that my passwords manager stores the info in Google's servers, Google Chrome stores my info in SQLite database file in the user profile directory. By my modest and amateur understanding, the SQLite database is a self-contained, server-less, zero-configuration, transactional SQL database engine and its code is in the public domain and is thus free for use for any purpose, commercial or private. Even a non-programmer lawyer like me can sense this isn't safe nor secure.
Thus, any user to this database file can make modifications and access my personal data. | | | |
< < | The Risks I Have Entered Myself Into | | My Fundamental & Constitutional Rights of Privacy and Property Could Be Easily Violated | |
< < | BRIEFLY: The Studies and Tests Preformed on Google Passwords Manager | > > | BRIEFLY: The Studies and Tests Performed on Google Passwords Manager | | Legal Remedies? |
|
MotazArshiedFirstEssay 4 - 09 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | | -- By MotazArshied - 07 Oct 2019 | |
< < | Google Passwords - Introduction | > > | When Google Convinced Me to Join The Course
passwords manager was introduced to help generating and retrieving our passwords, usually by storing those passwords in an encrypted database. If you use Google Chrome's Passwords Managers, as I shamefully do, then the way your passwords are being saved by Chrome is depending on whether you want to store and use them across devices. Turns out that is exactly what I chose to do in the past ands that is where the story of this course and I began: | | | |
> > | After arriving in Manhattan Island, and just before the beginning of fall term, I decided to purchase a new, shiny MacBook. I left my old Lenovo on the desk, a device which I have been intensively using during the past few years, and went on to visit that famous glass cubicle building near Lincoln Center. When I returned with a heavy bag and a much lighter pocket, I started setting up my new device. | | | |
< < | Explaining the Tech Behind Password Manager | > > | One of the earliest actions I took was to install Google Chrome Browser and log into my Google account. Post doing that, I prepared myself for the exhausting process of re-login into all of my other accounts and platform services (social media, student account, governmental and professional services, financial accounts and etc.). It is suffice to say that many of those accounts contain sensitive information, but Google went on anyway and automatically logged into all of those, retrieving my passwords and entering all of my information instantly. The morning after I joined the waitlist for this course, which luckily, I was eventually enrolled into.
Explaining Password Manager
"A password should contain at least one letter, one number, one special character..." and on and on it goes!
We all been through this and it seems everyone created endless variations of personal passwords. Passwords manager seeks to put an end to this situation. It is a software relying on its users to store their credentials and sensitive information, to be retrieved later on when needed. Basically, it requires the user to remember one master password in order to decrypt the passwords manager database.
The passwords manager stores full URLs next to the stored passwords and it does not log in automatically to those browsers, presumably out of creating another safety layer. | | | |
< < | Google Password Checkup - New Extension | |
The Risks I Have Entered Myself Into | | My Fundamental & Constitutional Rights of Privacy and Property Could Be Easily Violated | |
< < | BRIEFLY: The Studies and Tests Preformed On Google Passwords Manager | > > | BRIEFLY: The Studies and Tests Preformed on Google Passwords Manager | | Legal Remedies? |
|
MotazArshiedFirstEssay 3 - 09 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. |
|
MotazArshiedFirstEssay 2 - 07 Oct 2019 - Main.MotazArshied
|
|
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. |
|
MotazArshiedFirstEssay 1 - 07 Oct 2019 - Main.MotazArshied
|
|
> > |
META TOPICPARENT | name="FirstEssay" |
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted.
How Have I Enslaved Myself With Google Passwords Service
-- By MotazArshied - 07 Oct 2019
Google Passwords - Introduction
Explaining the Tech Behind Password Manager
Google Password Checkup - New Extension
The Risks I Have Entered Myself Into
My Fundamental & Constitutional Rights of Privacy and Property Could Be Easily Violated
BRIEFLY: The Studies and Tests Preformed On Google Passwords Manager
Legal Remedies?
Reflecting Upon My Indifferent Behavior
Second Thoughts
Awareness Resolutions
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.
To restrict access to your paper simply delete the "#" character on the next two lines:
Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list. |
|
|
|
This site is powered by the TWiki collaboration platform. All material on this collaboration platform is the property of the contributing authors. All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
|
|