How to verify your frontend application?
Okay, so I did a lot of research on 1password and I've already bought the family plan. I do have some clarification that I need to do.
From what I read 1Password not only doesn't get password of 3rd party websites but it also doesn't get password for 1password platform itself.
And if I understand correctly you're using some remote password protocol and some cryptography tricks to verify if someone owns the cyphertext, and send them the cyphertext and ONLY the original person who HAS the secret key and the password can decrypt and get plain text.
This means, even if 1password gets hacked, I'm very safe. One scenario I'd like clarified.
What if someone in your company goes rogue or some malware gets injected into the desktop app or android app and it basically starts sending my password and secret key to your server or their own server?
Or yeah, how do we know that the desktop apps/android apps or even web. Which we're using aren't sending these two pieces of information elsewhere? I know you guys go through audits and what not, but what would be helpful is to be assured that if someone attempts this, I'll know for sure. Is there any mechanism you have in place in these apps already?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Referrer: forum-search:How to verify your app?
Comments
-
Hi @cyberhck
It sounds like you've got the general idea, yes. :) If you're interested in learning more a couple resources that may be helpful:
- How Secure Remote Password protects your 1Password account [an overview]
- 1Password Security Design White Paper [much more in-depth]
What if someone in your company goes rogue or some malware gets injected into the desktop app or android app and it basically starts sending my password and secret key to your server or their own server?
There are controls in place to help prevent this. First we have security policies and auditing in place that would help prevent a developer's machine from being infected. Second, if a developer were to intentionally try to add malicious code to the app, there is a code review and approval process that it would have to make it through. This prevents a single bad actor. But I assume the next question will be about multiple bad actors working together. 😆 At that point we also have a QA process that the bad code would need to make it through. Finally, with Android in particular but some of our other apps as well, there is a review/approval process from the distribution channel (Google Play). In short there are a number of checks that would help prevent this.
Beyond that we have a number of highly technical customers who keep a close eye on what 1Password is doing, including developers from other teams and non-developers who work here (and run pre-release builds). On the off chance something were able to slip through the cracks it seems likely that suspicious behavior by the 1Password app would be observed, reported, and investigated, perhaps before it even got out to the general public. It is possible to monitor the connections 1Password is making with a tool like Wireshark, and folks do. On top of that, as you say, we have a bug bounty and formal audits.
A rogue app has been theoretically possible since the very beginning… and has never occurred to date precisely because of those interlocking mechanisms and controls. It is something we're very aware of and are continually evaluating our processes to prevent. I hope that helps!
Ben
0