Twitter Button from twitbuttons.com
October 24, 2005

KeyRing - Securely Store Information on your Palm OS Device

I have been using [Keyring for PalmOS](http://gnukeyring.sourceforge.net/index.html(http://www.zia.com.br/modules.php?name=Content&pa=showpage&pid=1) and the associated windows conduit for quite a while to store all kinds of information that I want to keep but don’t want someone else to get to easily if they come across my Palm someday.

Some of the categories I have set up include:

  • Banking account numbers
  • Credit Cards numbers and PINs
  • Family Info including Social Security Numbers
  • Lock Combinations
  • Online Usernames & Passwords
  • Software Registration Codes

KeyRing features:

  • Secure triple-DES encryption using a 112-bit key derived from the password
  • Open Source Software: no back doors, no license fees
  • Export records to the Memo Pad
  • Generate random new passwords

The windows conduit provides read-only access at this time. Otherwise it has all the same usability features as the Palm version. It is nice to be able to use it on the PC when I am at my desk.

Neither program has seen any new development in quite a long time - but they both do what I need so am using them and would recommend without hesitation.

Navigation:

3 Comments »

  1. 1

    Mr. Paulson-

    I would highly recommend against storing these 3 items on your Palm-

    Banking account numbers

    Credit Cards numbers and PINs

    Family Info including Social Security Numbers

    A statement like “Open Source software: no back doors” alone would give me pause. It is a common misconception that open source software is inherently more secure than the alternative. In essence, 3DES is very “secure”, but is a weak implementation that presents a possible vector for attack and exploit.

    Comment by Mr. Robinson — October 25, 2005 @ 9:14 am


  2. 2

    But alas - If I do not carry it on my ‘portable brain’ then I will not have the info when I need it - For surely I cannot remember Social Security Number for my dearly loved spouse let alone 6 kids still at home (I can’t keep track of the kids’ birthdays let alone SSNs).

    I would agree that open source is not ‘inherently’ more secure - but I would guess that at least it is verifiable. Any idea what kind of security is used to store Quickbooks info that who knows how many people carry around on their laptops?

    Maybe my second layer of defense should be to rename the program to ‘Asteroids’ and then anyone who happens upon my PDA would never spend the time trying to ‘crack’ the password to a game if they even tried to open it?

    Comment by Gary Paulson — October 25, 2005 @ 2:40 pm


  3. 3

    Open source: if it’s not more secure, at least it makes you feel more secure! I think the security blanket provided by the pleasant thought that somebody out there could be looking at all these implementations is simply excellent.

    Never mind that the people actually looking into it are a bunch of overweight creepy hackers with body odor problems and living in their mother’s basement. Oops! Sorry, Mr. Robinson. Except you, except you! I didn’t mean it! ow! ow! Stop twisting my arm!

    Comment by Matt Winckler — October 25, 2005 @ 8:36 pm


RSS feed for comments on this post. TrackBack URI

Leave a comment



Powered by WordPress
Copyright by Gary Paulson

Bad Behavior has blocked 1318 access attempts in the last 7 days.