by jMyles 3761 days ago
> This falls into the question of what can we do to prevent attacks from malicious processes running on the user's machine.

It's likely that I'm misunderstanding things here, but here's what I'm imagining:

* I use 1Password and presume that my plaintext password stays on my machine.

* I use HTTPS for traffic that I care to secure.

* I contract to a vendor, with whom I don't share trusted information, to provide a dumb (non-VPS) shell, which I use for a variety of purposes.

* Among these, I use a SOCKS proxy to VPN traffic for some reason (say, to circumvent state censorship). Again, I presume that the vendor in question can't read my HTTPS traffic or 1Password info.

Can't the vendor in this case, who presumably has root on the machine in question, now sniff the loopback and find my passwords?

If the answer is "yes," then it breaks the workflow of trustless use of a SOCKS proxy.

1 comments

The vendor does not have root on your machine or access to the loopback interface. Your machine's loopback interface should not be exposed through a SOCKS proxy unless you specifically tell it to do so (which is a terrible idea for reasons beyond just this situation).

I see. So the loopback traffic occurs on the local machine, the password is decrypted, and only then sent over the regular HTTP(S) connection (with this last bit being the only traffic on the SOCKS)?

Yes. Check your settings for your proxy to make sure you aren't sending traffic for localhost over the proxy.

(In Firefox, for example, it's excluded automatically.)