Read first: Previous version support information

1Password for Windows and XARA

melb00m
melb00m
Community Member
in 1Password 4 for Windows

Hello,

I'm an avid 1P user on my private Macs, iOS devices and my Windows notebook at work.

Given the current XARA security breach on OS X, I can't help but wonder if the Windows version of 1Password is potentially prone to the same problem? I understand the research paper that made the flaw public is concentrating on the Apple operating systems. But it seems to me that at least the IPC communication handshake flaw is more of a design problem than a bug-related security issue that could easily be patched.

How does IPC between the browser extension and 1Password work on Windows? Does it potentially have the same problem, or are there other security measures in place?

Thanks for your input,
melb00m

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • svondutch
    svondutch
    1Password Alumni
    edited June 2015

    is the Windows version of 1Password potentially prone to the same problem?

    Yes.

    How does IPC between the browser extension and 1Password work on Windows?

    The same as on Mac: we use WebSockets.

    Does it potentially have the same problem?

    It does. Here is our official response. Thanks!

  • melb00m
    melb00m
    Community Member

    Thank you. I saw that article already, it just didn't mention Windows explicitly, that's why I thought it might use a different mechanism.

  • LauraR
    LauraR

    @melb00m - You are very welcome and thank you for the question :)

This discussion has been closed.