[md_]

> Given Google's stance of not encrypting local storage in any way that I am aware of, this is fundamentally unsurprising. I have long been saying that Android is insecure and that storing passwords in Chrome is dangerous.

ChromeOS and Android both implement FDE. There are some legitimate criticisms of (especially) the latter, voiced by e.g. Matthew Green, but you're just speaking nonsense here.

There's very little value in per-app encryption on desktop OSes; it's security theater.

I shudder to think of what your "secure communications" app does. I hope you're a good lawyer. ;)

[libertymcateer]

I am not talking about ChromeOS - I am talking about the Chrome browser. Localstorage, last I checked, which was recently, is plaintext.

> ChromeOS and Android both implement FDE

Which is irrelevant if the runtime is compromised, which appears to be the case.

[md_]

Let's be all Socratic here:

Given a desktop OS like Windows that implements FDE like Bitlocker and runs a browser like Chrome, can you describe a hypothetical threat in which Chrome encrypting localstorage would prevent exploitation?

[libertymcateer]

Yes - worms or browsers that scan local data files without accessing the runtime of the parent application.

[md_]

So your threat model is "malware which has access to memory containing plaintext but is written by idiots"?

0_o

[libertymcateer]

Dunno if you are still checking this thread, but I had a followup to this question.

It seems to me that certain cryptoviruses function in the following way (e.g. certain variants of ransom_vxlock - I will see if I can find a specific example):

* The virus functions like other cryptoviruses, encrypting local data and holding it for ransom

* However, in addition to holding your local data ransom, it archives certain files that are likely to hold passwords (e.g., the chrome password store), and then emails them to the C&C server

If this is the case, would local encryption of the chrome password store be a protection, or would the decryption of this store be trivial the the virus author? Again, assuming that the virus author is a script kiddy.

So, basically, I am asking that if the characterization of the virus described is accurate, doesn't that mean that the threat model I describe also actually occurs in the wild? I'm not trying to be facetious here - I am trying to get to the bottom of this.

I will try to find links to support the above.

[vetinari]

And it does not matter - it is in Chrome's homedir, no other app can access it. Wrt. physical store, it is on FDE anyway.

[libertymcateer]

Good sn.

[bitmapbrother]

>Which is irrelevant if the runtime is compromised, which appears to be the case.

You're under the false assumption that these exploits are current - they're not. In fact, they're very old.

[libertymcateer]

These ones?

https://www.washingtonpost.com/world/national-security/wikil...

[bitmapbrother]

Why not point to the actual ancient exploits from circa 2011-2013 for Android versions below 5 and Chrome versions below 40?

https://wikileaks.org/ciav7p1/cms/page_11629096.html

[libertymcateer]

Thanks for the link. So then is the assertion that the relevant hacks are all for older versions of Android? How does that comport with the current batch of hacks?

[bitmapbrother]

All of the hacks are for older versions of Android and iOS. Specifically Android version 4.x and iOS version 9.x.

"Apple says most vulnerabilities in Wikileaks docs are already patched"

https://techcrunch.com/2017/03/07/apple-says-most-vulnerabil...