1Password for Windows and XARA
Hello,
I'm an avid 1P user on my private Macs, iOS devices and my Windows notebook at work.
Given the current XARA security breach on OS X, I can't help but wonder if the Windows version of 1Password is potentially prone to the same problem? I understand the research paper that made the flaw public is concentrating on the Apple operating systems. But it seems to me that at least the IPC communication handshake flaw is more of a design problem than a bug-related security issue that could easily be patched.
How does IPC between the browser extension and 1Password work on Windows? Does it potentially have the same problem, or are there other security measures in place?
Thanks for your input,
melb00m
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
is the Windows version of 1Password potentially prone to the same problem?
Yes.
How does IPC between the browser extension and 1Password work on Windows?
The same as on Mac: we use WebSockets.
Does it potentially have the same problem?
It does. Here is our official response. Thanks!
0 -
Thank you. I saw that article already, it just didn't mention Windows explicitly, that's why I thought it might use a different mechanism.
0