On Wed, 22 Aug 2012 14:54:30 +0300 Tom Hacohen <tom.haco...@samsung.com> said:
> On 22/08/12 14:51, Carsten Haitzler (The Rasterman) wrote: > > On Wed, 22 Aug 2012 14:46:50 +0300 Tom Hacohen <tom.haco...@samsung.com> > > said: > > > >> To be honest, I don't know how secure we can get there because of entry. > >> We only free (without explicitly erasing) the buffers used internally by > >> entry (elm+edje) and textblock, so there might be cleartext copies of > >> the pass in memory anyway... > > > > it doesnt use elm or edje entry or e entry.. its literally done by hand > > listening to keystrokes (whihc frankly if u can force coredumps u can divine > > the passwd thru keystroke memory history if u are lucky). :) > > So not entry, but it uses text/textblock to show the text, doesn't it? > If so, the same logic applies. it only shows ***** so i guess u could find out how many chars the pw has.. that's it. evas only ever sees *** (and edje too). -- ------------- Codito, ergo sum - "I code, therefore I am" -------------- The Rasterman (Carsten Haitzler) ras...@rasterman.com ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
