Would like to know more about the security upgrades of the System Unlock feature in Linux 0.9.7

I read the release notes for the 0.9.7 beta for linux and this line item stood out to me as I have been very interested in this feature. Can we somehow get access to the gitlab issues that are associated with this feature? How can I find out more about these particular tickets: "Improved the security of the System Unlock feature. #1545, #1689, #3479, #2798"


1Password Version: 0.9.7
Extension Version: Not Provided
OS Version: Linux
Sync Type: Not Provided

Comments

  • Hey there jessesanford,

    Thanks for reaching out. Its always nice to see people reading and paying attention to release notes.

    Unfortunately we can't give access to our internal GitLab tickets, but I can say what they were about, and more importantly, what changed with System Unlock in 1Password for Linux in the release :)

    To unlock 1Password without entering your master password, we need to store an encryption key somewhere that take the place of it during the unlock and decryption process. The design of the system unlock feature was a very early addition to the alpha and had the overall quality of such. When the app was locked, this substitute encryption key was kept in the UI's process memory, unencrypted. However, after the 0.9.7 update, we now keep the key in the Rust core of 1Password for Linux and encrypt it using facilities provided by the Linux Kernel. What this means is that 1Password is now the only application that can access this key. It gives app users a much stronger protection and makes it incredibly harder for a malicious app on the system to steal it.

    I hope that answers your questions!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file