Comments on: KeyRing – Securely Store Information on your Palm OS Device

By: Matt Winckler

Matt Winckler — Wed, 26 Oct 2005 03:36:06 +0000

Open source: if it's not more secure, at least it makes you feel more secure! I think the security blanket provided by the pleasant thought that somebody out there could be looking at all these implementations is simply excellent.

Never mind that the people actually looking into it are a bunch of overweight creepy hackers with body odor problems and living in their mother's basement. Oops! Sorry, Mr. Robinson. Except you, except you! I didn't mean it! ow! ow! Stop twisting my arm!

By: Gary Paulson

Gary Paulson — Tue, 25 Oct 2005 21:40:09 +0000

But alas – If I do not carry it on my ‘portable brain’ then I will not have the info when I need it – For surely I cannot remember Social Security Number for my dearly loved spouse let alone 6 kids still at home (I can’t keep track of the kids’ birthdays let alone SSNs).

I would agree that open source is not ‘inherently’ more secure – but I would guess that at least it is verifiable. Any idea what kind of security is used to store Quickbooks info that who knows how many people carry around on their laptops?

Maybe my second layer of defense should be to rename the program to ‘Asteroids’ and then anyone who happens upon my PDA would never spend the time trying to ‘crack’ the password to a game if they even tried to open it?

By: Mr. Robinson

Mr. Robinson — Tue, 25 Oct 2005 16:14:52 +0000

Mr. Paulson-

I would highly recommend against storing these 3 items on your Palm-

Banking account numbers

Credit Cards numbers and PINs

Family Info including Social Security Numbers

A statement like "Open Source software: no back doors" alone would give me pause. It is a common misconception that open source software is inherently more secure than the alternative. In essence, 3DES is very "secure", but is a weak implementation that presents a possible vector for attack and exploit.