by PuffinBlue 4022 days ago
Therein lies the rub, I don't think it is - the main plugins aren't anyway. There is an open source CLI version though [1].

So it's on trust.

I trust them to have correctly implemented it based on the logic that their entire business' existence is built on the security of the platform.

If it fails, they fail, so I trust them to have put the work in and to do continual monitoring.

I have to trust KeePass too, I don't have the skill to audit it myself and the fact it's Open-Source is no guarantee of security (Heartbleed anyone?) so it's all about where your trust point/compromise lies.

[1] https://blog.lastpass.com/2014/10/open-sourced-lastpass-comm...