By John Gruber
1Password — Secure every sign-in for every app on every device.
Nicole Perlroth, reporting for The New York Times:
When Kenneth G. Lieberthal, a China expert at the Brookings Institution, travels to that country, he follows a routine that seems straight from a spy film.
He leaves his cellphone and laptop at home and instead brings “loaner” devices, which he erases before he leaves the United States and wipes clean the minute he returns. In China, he disables Bluetooth and Wi-Fi, never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely. He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, “the Chinese are very good at installing key-logging software on your laptop.”
Fascinating story, but with regard to his password technique: clipboard history loggers are just as easily installed as keystroke loggers, no? If your device has been compromised, there’s no safe way to enter a password.
★ Sunday, 12 February 2012