AgileBits response to TeamSIK report on Android version? [https://support.1password.com/kb/201702a/]
Comments
-
Hi,
I am new to 1Password and I will not say my security literacy is high.
I really like 1Password's simple and pretty design and decided to use 1Password to protect my important digital documents.
I cam across to a piece of news the other day about vulnerabilities of Password Manager Apps and 1Password is on the list.
Is this something I need to worry about?
The article is at: http://thehackernews.com/2017/02/password-manager-apps.html
The issues addressed regarding 1Password are:
Subdomain Password Leakage in 1Password Internal Browser
HTTPS downgrade to HTTP URL by default in 1Password Internal Browser
Titles and URLs Not Encrypted in 1Password Database
Read Private Data From App Folder in 1Password ManagerPrivacy Issue, Information Leaked to Vendor 1Password Manager
Could you please comment on this?
Thanks,
Jeff1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided0 -
Any comment about
http://thehackernews.com/2017/02/password-manager-apps.html0 -
Check out this thread: https://discussions.agilebits.com/discussion/76011
0 -
Hi tn44,
I've merged your post with the discussion pervel referred to where you can find comments about this. :)
0 -
thanks pervel and sjk
I've read this thread, but to be really sure:
1/ are all versions
mac
win
android (should be -according to this thread-)
iOS
fixed now (today) ?2/and, for every OS, from what v.X.x.x ?
thanks0 -
@tn44: These issues concerned 1Password for Android. We take these things very seriously, so we made changes to the app (6.4.1) to address Team SIK's findings in September of last year before the end of the month. And we'll continue to work with researchers to find and address any issues in other versions as well. Cheers! :)
0
