Annoying cache.agilebits.com - please
Everytime 1password app on Mac is invoked from the browser plug-in (Safari, right-click), after unlocking it with the master password, it attempts a connection to cache.agilebits.com. LittleSnitch pops up for confirmation, which causes all interaction to break and be restarted from the beginning.
This is very annoying. It should not need to access the cache in the first place, at least not in the middle of a dialog flow.
I like those icons, but the cache should only be accessed when a user edits their database.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @Anderson,
Thank you for taking the time to write us about this!
Rich Icons are just one of the reasons 1Password connects to cache.agilebits.com - it also uses that connection to check for things like browser extension updates, updates for the main app, release notes, and Watchtower database updates. You can find more information about that in this knowledgebase article: Why is 1Password trying to connect to some random website?
I would also be annoyed if an app like Little Snitch popped up every time 1Password tried to make that connection. In order to prevent that, you should be able to change an option to allow all connections from 1Password somewhere in the Little Snitch settings.
Hopefully this helps, but if you have more questions about that or need anything else, please let us know! :)
0 -
Thanks for your reply. I know how to silence LittleSnitch, but that's not the point.
The point is that doing all these checks you mentioned while in the middle of an interaction with the user/browser is not the right time. These checks should be done once at startup and when the user opens the database for editing. That's where some interaction with your servers is expected to happen.
If 1password attempts to make network connections when the users fills out a form, it feels somewhat discomforting. The reason LittleSnitch is used in the first place is to learn about when and possibly why an app phones home. That should definitely not happen while the user is inputting sensitive data.
As said, I like the icons, but would feel way more comfortable if this was a sync option, rather than happening so often in the background.
0 -
Or to look at it from another perspective: If I were a hacker, instead of trying to intrude your apps, I'd attempt to compromise your content delivery servers, which, as a major and widely used service, are probably subject to a zero-day exploit every now and then.
That's why probably no password vault should ever connect to anything but local, or secure proprietary resources anyway.
0 -
Just imagine what's at stake: Getting hold of the credentials of your user base is probably worth millions of dollars on the black market. This is an extremely attractive incentive for any criminal around the globe with enough time and dedication. You are possibly one of the primary targets they are after.
0 -
Thanks for your reply. I know how to silence LittleSnitch, but that's not the point.
The point is that doing all these checks you mentioned while in the middle of an interaction with the user/browser is not the right time. These checks should be done once at startup and when the user opens the database for editing. That's where some interaction with your servers is expected to happen.
@Anderson: I think that perhaps, given you'll almost certainly have to be connected to the internet when using the browser, that's just the right time for 1Password to check for updated data, such as icons which are used in the browser extension, both for display purposes, and when saving new logins. I get what you're saying, and we can certainly consider other options for the future, but I'm not sure it's as clear cut as you're implying.
If 1password attempts to make network connections when the users fills out a form, it feels somewhat discomforting. The reason LittleSnitch is used in the first place is to learn about when and possibly why an app phones home. That should definitely not happen while the user is inputting sensitive data.
As said, I like the icons, but would feel way more comfortable if this was a sync option, rather than happening so often in the background.(Un)fortunately, that's exactly what 1Password is for: inputting and accessing sensitive data. If we do what you suggest and avoid connecting to the internet any time sensitive data is involved, 1Password will either never check for updates or not work at all (given that a big part of what it does is saving and filling login information for websites). I agree with you on general principle, but using 1Password in the first place really demands placing a great deal of trust in it. I feel like that's the big leap that we have to make, and once we're using it, we've already made it; and trusting 1Password to download icons really seems to pale in comparison.
Or to look at it from another perspective: If I were a hacker, instead of trying to intrude your apps, I'd attempt to compromise your content delivery servers, which, as a major and widely used service, are probably subject to a zero-day exploit every now and then.
That's why probably no password vault should ever connect to anything but local, or secure proprietary resources anyway.That's a really good point, and it's why we put a lot of resources into the security infrastructure of our website(s). But that's only half true. The primary reason we do this is, of course, the hosting we do of our apps and now the subscription services. After all, if someone were able to compromise our server and get people to download a malicious copy of 1Password, that would be catastrophic. We sign our apps, but an unsigned (or fraudulently signed) im-pass-tor app could probably get around this when people ignore the "unsigned" warning or don't verify the source. This is, unfortunately, something we all need to do to stay vigilant these days — especially when it comes to something we trust with our most sensitive information.
Just imagine what's at stake: Getting hold of the credentials of your user base is probably worth millions of dollars on the black market. This is an extremely attractive incentive for any criminal around the globe with enough time and dedication. You are possibly one of the primary targets they are after.
I guess my point is that you're already trusting 1Password with your data. Icons aren't the attack vector you need to be concerned about. What's really at stake isn't JPGs; it's our vaults. Icon update pings aren't going to be the attack vector if an attacker is smart and skilled enough to compromise our servers. They're not going to be messing around with — I don't even know...serving advertisements as icons? Instead, they'll try to give us a malicious app to host (or host it themselves) so they have a shot at users' data. That's why verifying the connection to agilebits.com is secure and the app is signed by AgileBits is the important thing. I hope this helps clarify things. Please let me know if you have questions about any of this!
0