App security (new KeepassRX app)
-
I saw the new KeepassRX app pop up in the app store and I'm very interested to try it. Normally I'm not that that strict with security and trust the systems and people in place. However, this app will have access to all my passwords and made me wonder. Are there any security checks before an app is added to the app store? Can we for example be sure the package is built from the linked source code?
-
CiberSheep moved this topic from General
-
This has been on my mind too.
I wish there was a strict firewall native in Ubuntu Touch so that we would see and control what is allowed to talk. A local Keepass should not talk to the internet.
-
@t12392n said in App security (new KeepassRX app):
I wish there was a strict firewall native in Ubuntu Touch so that we would see and control what is allowed to talk. A local Keepass should not talk to the internet.
If the app is confined (as this one is) you don't need to blindly trust that the package in the open store was compiled by the code that is linked, to be sure it doesn't phone home. If you know what to look for, you can download the .click package and examine the contents. The most important is the .apparmor file, which describes what permissions the package requests from the system.
Here we see that this app is indeed confined, and it only declares the content_exchange policy group. This means that the app will not be able to access the network at all, because the networking policy group is not included in the apparmor.
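The check described in this post, as an added example that is not code from the thread or from the KeepassRX project: a .click is an `ar` archive holding debian-binary, control.tar.gz and data.tar.gz; manifest.json inside data.tar.gz maps each hook to its .apparmor file, whose "policy_groups" list is what the post refers to. The script builds a constructed package in memory (placeholder name "example.app") and then reads it the way you would read a package downloaded from the OpenStore; the default template name "ubuntu-sdk" is an assumption.

```python
"""Unpack a .click and report the AppArmor policy groups it declares."""
import io
import json
import tarfile

AR_MAGIC = b"!<arch>\n"


def ar_members(data: bytes) -> dict:
    """Parse a classic ar archive (the outer container of a .click) into {name: bytes}."""
    if not data.startswith(AR_MAGIC):
        raise ValueError("not an ar archive")
    members, pos = {}, len(AR_MAGIC)
    while pos + 60 <= len(data):
        header = data[pos:pos + 60]
        if header[58:60] != b"`\n":
            raise ValueError("corrupt ar member header")
        name = header[0:16].decode("ascii").rstrip(" /")   # GNU ar ends names with '/'
        size = int(header[48:58].decode("ascii").strip())
        members[name] = data[pos + 60:pos + 60 + size]
        pos += 60 + size + (size % 2)                       # members are 2-byte aligned
    return members


def ar_pack(members: dict) -> bytes:
    """Build an ar archive; used here only to construct the sample package."""
    out = bytearray(AR_MAGIC)
    for name, body in members.items():
        header = f"{name + '/':<16}{0:<12}{0:<6}{0:<6}{0o100644:<8o}{len(body):<10}"
        out += header.encode("ascii") + b"`\n" + body
        if len(body) % 2:
            out += b"\n"
    return bytes(out)


def tar_gz(files: dict) -> bytes:
    """Write {path: bytes} into an in-memory .tar.gz (sample data only)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, content in files.items():
            info = tarfile.TarInfo(name=path)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def policy_groups(click_bytes: bytes) -> dict:
    """Return {hook: {"template": ..., "policy_groups": [...]}} for every hook with an apparmor file."""
    members = ar_members(click_bytes)
    if members.get("debian-binary", b"").strip() != b"2.0":
        raise ValueError("unexpected debian-binary version")
    with tarfile.open(fileobj=io.BytesIO(members["data.tar.gz"]), mode="r:gz") as tar:
        # entries are usually stored as "./manifest.json"; index them without the prefix
        index = {n[2:] if n.startswith("./") else n: n for n in tar.getnames()}

        def read(path: str) -> bytes:
            return tar.extractfile(index[path]).read()

        manifest = json.loads(read("manifest.json"))
        result = {}
        for hook, files in manifest.get("hooks", {}).items():
            if "apparmor" not in files:
                continue                        # e.g. a helper hook with no app profile
            profile = json.loads(read(files["apparmor"]))
            result[hook] = {
                "template": profile.get("template", "ubuntu-sdk"),   # assumed default template
                "policy_groups": sorted(profile.get("policy_groups", [])),
            }
    return result


def can_reach_network(click_bytes: bytes) -> bool:
    """True if any hook is unconfined or requests the networking policy group."""
    return any(
        p["template"] == "unconfined" or "networking" in p["policy_groups"]
        for p in policy_groups(click_bytes).values()
    )


def build_sample_click(groups=("content_exchange",)) -> bytes:
    """Constructed package with one confined app hook; not a real store package."""
    manifest = {"name": "example.app", "version": "0.1",   # placeholder identifiers
                "hooks": {"example": {"apparmor": "example.apparmor", "desktop": "example.desktop"}}}
    apparmor = {"policy_groups": list(groups), "policy_version": 16.04}
    data = tar_gz({"./manifest.json": json.dumps(manifest).encode(),
                   "./example.apparmor": json.dumps(apparmor).encode(),
                   "./example.desktop": b"[Desktop Entry]\nName=Example\n"})
    control = tar_gz({"./manifest": json.dumps(manifest).encode()})
    return ar_pack({"debian-binary": b"2.0\n", "control.tar.gz": control, "data.tar.gz": data})


if __name__ == "__main__":
    sample = build_sample_click()
    for hook, profile in policy_groups(sample).items():
        print(hook, profile)
    print("network access:", can_reach_network(sample))
```

On a real download, replace `build_sample_click()` with the bytes of the .click file; with only content_exchange declared, `can_reach_network` returns False, which is the point the post makes.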
-
@arubislander Thanks for the information, something like this is what I was looking for.
-
@RandomUser
The guy is super motivated and the app is evolving very quickly. It has already caught up with Focal and promises to evolve even further.
Really great!
-
To be fair, this is a valid concern. I wonder if it's a good idea to notify users when an app update changes or adds new apparmor policy in the new version.
-
@kugiigi Was not saying the concern is not valid. Was saying it can be assuaged, and showing how. The permissions requested are also listed in the Open Store itself.
But you do raise a good point. Maybe like a dialog box listing the new permissions that are requested since the last update, which gives the option to proceed or cancel.
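The update dialog suggested above, as an added example that is not OpenStore code or code from the thread: it compares the .apparmor JSON of the installed version with the one shipped in the update and lists what the user would be asked to approve. The two manifests are constructed; the default template name "ubuntu-sdk" is an assumption.

```python
"""Compute what a "new permissions since the last update" dialog would show."""
import json

# Groups worth a second look when they appear in an update; the thread names
# networking as the one a local password manager should never need.
HIGH_IMPACT = {"networking"}


def permission_changes(installed_json: str, update_json: str) -> dict:
    """Diff two .apparmor manifests: added/removed policy groups and template change."""
    old, new = json.loads(installed_json), json.loads(update_json)
    old_groups = set(old.get("policy_groups", []))
    new_groups = set(new.get("policy_groups", []))
    old_tpl = old.get("template", "ubuntu-sdk")   # assumed default template
    new_tpl = new.get("template", "ubuntu-sdk")
    return {
        "added": sorted(new_groups - old_groups),
        "removed": sorted(old_groups - new_groups),
        "template": (old_tpl, new_tpl) if old_tpl != new_tpl else None,
    }


def requires_consent(changes: dict) -> bool:
    """Only changes that widen access block the install; dropping a group is silent."""
    return bool(changes["added"]) or changes["template"] is not None


def dialog_lines(changes: dict) -> list:
    """Text for a proceed/cancel dialog, with high-impact groups marked."""
    lines = []
    if changes["template"]:
        lines.append(f"Confinement template changes: {changes['template'][0]} -> {changes['template'][1]}")
    for g in changes["added"]:
        mark = " (!)" if g in HIGH_IMPACT else ""
        lines.append(f"New permission: {g}{mark}")
    for g in changes["removed"]:
        lines.append(f"No longer requested: {g}")
    return lines


# Constructed sample manifests: the installed version only exchanges content,
# the update additionally asks for networking.
INSTALLED = json.dumps({"policy_groups": ["content_exchange"], "policy_version": 16.04})
UPDATE = json.dumps({"policy_groups": ["content_exchange", "networking"], "policy_version": 16.04})

if __name__ == "__main__":
    changes = permission_changes(INSTALLED, UPDATE)
    print("\n".join(dialog_lines(changes)))
    print("prompt user:", requires_consent(changes))
```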
-
@t12392n said in App security (new KeepassRX app):
A local Keepass should not talk to the internet.
Where did you get the idea that it does?
@arubislander said in App security (new KeepassRX app):
If the app is confined (as this one is) you don't need to blindly trust that the package in the open store was compiled by the code that is linked, to be sure it doesn't phone home. If you know what to look for, you can download the .click package and examine the contents.
All versions of OpenStore also show the permissions list and that should be the first thing people check; we can't expect non-technical users to unpack clicks before installation.
Kind of related, we should probably update the popup when you install from a local .click file to show more info and definitely show permissions.
-
@klh said in App security (new KeepassRX app):
All versions of OpenStore also show the permissions list and that should be the first thing people check; we can't expect non-technical users to unpack clicks before installation.
Fully agreed. But RandomUser did not strike me as someone who would necessarily trust second hand information. So I showed a way they could check for themselves.
-
@Vlad-Nirky said in App security (new KeepassRX app):
@RandomUser
The guy is super motivated and the app is evolving very quickly. It has already caught up with Focal and promises to evolve even further.
Really great!
I'm not denying that, I can see the progress and appreciate all the work he's doing, genuinely. But you give the app access to all your passwords, I don't think it's unreasonable to be a bit cautious.
-
@RandomUser
Yes, of course.
That's already what I do with KeepassXC on my PC.
My choice is to do it locally and not on the Bitwarden or Dashlane web servers.
Most of them have MFA.
I understand your concern about having a clear view of what the application can use.
And Maciek's idea of blocking installation until we accept a change in the permissions granted seems excellent to me.
-
@arubislander said in App security (new KeepassRX app):
@t12392n said in App security (new KeepassRX app):
I wish there was a strict firewall native in Ubuntu Touch so that we would see and control what is allowed to talk. A local Keepass should not talk to the internet.
If the app is confined (as this one is) you don't need to blindly trust that the package in the open store was compiled by the code that is linked, to be sure it doesn't phone home. If you know what to look for, you can download the .click package and examine the contents. The most important is the .apparmor file, which describes what permissions the package requests from the system.
Admittedly, I am lacking a full understanding of how this .click system works, nor do I have a deep understanding of how AppArmor works, so I am at a disadvantage.
But thanks for the note, I will need to read up on both .click packages and AppArmor!
@klh said in App security (new KeepassRX app):
@t12392n said in App security (new KeepassRX app):
A local Keepass should not talk to the internet.
Where did you get the idea that it does?
My mistake, I should have been more clear that it was an example case: a password app should never need to talk with the internet, which, believe it or not, is common with apps on the Google Play store.