Blog Op-Ed piece submitted by The New Oil
Earlier this year, a relatively large scandal emerged when it was discovered that the United States Central Intelligence Agency was running a shell corporation in Switzerland called Crypto AG. Crypto was selling network hardware such as routers to foreign governments and militaries equipped with encryption backdoors, giving the US intelligence community an unprecedented level of access to those countries’ most sensitive communications, military plans, and more.
The amount of information potentially exposed is mind-boggling. And before the dust has even settled, new reports are alleging another such organization called Omnisec. Talk about the illusion of choice. Imagine the people who passed on Crypto because of security concerns or suspicions only to buy from Omnisec. Heartbreaking.
While most of us reading this are probably not army officers or even in control of purchases at the office, there is still a valuable lesson we can learn from this story: trust should not be handed out lightly. The idea of “never trusting anyone” is, in my opinion, flat out ridiculous. You always trust someone, somewhere. I trust the building I’m in right now not to collapse on my head. I trust my boss to pay me for my work. I trust the check not to bounce and I trust the economy not to collapse overnight. We all trust someone somewhere, period. However, that doesn’t mean we shouldn’t consider who we trust, with what information, and what redundancies we have in place.
I think we can all agree that a password manager is one of the most important pieces of your digital life. It has literally all of your accounts – some of which, sadly, do not offer two-factor authentication – sitting in one place, as well as how to get into them (at least partially). A compromised password manager would be a devastating thing. So how do we vet our trust in password managers? There are some pretty common methods. We look at the company: do they have a trustworthy history? How do they make money? How often do they update the product? Have they been audited and what were the results? But how often do we consider the worst?
I want to say right here that I don’t believe in unchecked paranoia. Assuming that everyone is out to get you and living with a constant threat-based mindset is not a good way to go through life. If you’re lucky it will hinder you from a good number of opportunities – social, employment, and otherwise. At worst it will literally drive you into mental illness. Don’t go crazy. Literally. However, to never consider the worst and to just go through life hoping for the best is to invite disaster in equal measure.
I use KeePassXC as my primary password manager. I trust Bitwarden, but I rarely need immediate access to my passwords, so why risk the cloud? But now I have to consider some additional threats: what if my database gets corrupted or my computer crashes? I keep a copy on an external USB drive. What if I die? That same external copy is plaintext so that my partner has access if she needs it. What if we get robbed? That plaintext copy USB is hidden inside a safe that’s built into the wall.
What if the robber breaks the safe out of the wall and runs off with it? Quite frankly, at that point, I have clearly royally pissed off the wrong person and I am being targeted by someone with very specific knowledge and advanced resources. I’ve got bigger problems. And that’s something important to remember: there’s always somewhere the line has to end. I can “what if” myself right into the mental hospital, but there’s a point when the likelihood is so low that I’m better off accepting it as is. Trying to build a house underground with a laser grid and guard dogs is impractical.
Having said that, the point of this blog post is that you still have to consider some what ifs. My original what-if was “what if something happens to my KeePass database?” I have a backup that is safely stored. That’s really the takeaway. It’s not enough to say “well I trust KeePass.” I do trust KeePass, but people are people. There are bugs. There are power outages. There are mistakes and things happen. And also, there is Crypto AG.
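A backup you never test is only a hope, not a Plan B. The script below is an added example (not part of the original post, and not KeePass or KeePassXC project code) of the check that turns “I keep a copy on a USB drive” into something verifiable: it confirms that the copy still starts with the KeePass 2.x file signature, that it matches the live database byte for byte via SHA-256, and that it is not older than a threshold. The file paths, the 30-day staleness threshold and the sample database bytes are assumptions constructed for the example; a real .kdbx file has a full header and an encrypted payload, and only the leading signature is inspected here.

```python
# Added example (not part of the original post): a defender-side sanity check for
# the "what if my database gets corrupted?" question. It verifies that a backup
# copy of a KeePass 2.x database (.kdbx) still carries the KDBX file signature,
# that it matches the primary byte-for-byte (SHA-256), and that it is not stale.
# File paths and the age threshold are assumptions; the sample bytes are constructed.
import hashlib
import os
import struct
import time

# KDBX 2.x magic numbers (first 8 bytes, little-endian), followed by a 4-byte version.
KDBX_SIG1 = 0x9AA2D903
KDBX_SIG2 = 0xB54BFB67
KDBX_VERSION_4_0 = 0x00040000


def looks_like_kdbx(data: bytes) -> bool:
    """True if the first 8 bytes carry the KeePass 2.x file signature."""
    if len(data) < 12:
        return False
    sig1, sig2, _version = struct.unpack("<III", data[:12])
    return sig1 == KDBX_SIG1 and sig2 == KDBX_SIG2


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 digest, used to compare primary and backup content."""
    return hashlib.sha256(data).hexdigest()


def check_backup(primary: bytes, backup: bytes, backup_age_days: float,
                 max_age_days: int = 30) -> dict:
    """Compare a backup against the live database and report what is wrong."""
    result = {
        "backup_is_kdbx": looks_like_kdbx(backup),
        "matches_primary": sha256_hex(primary) == sha256_hex(backup),
        "stale": backup_age_days > max_age_days,
    }
    result["ok"] = (result["backup_is_kdbx"]
                    and result["matches_primary"]
                    and not result["stale"])
    return result


def check_backup_files(primary_path: str, backup_path: str,
                       max_age_days: int = 30) -> dict:
    """Same check, driven by files on disk (e.g. the copy on an external USB drive)."""
    with open(primary_path, "rb") as f:
        primary = f.read()
    with open(backup_path, "rb") as f:
        backup = f.read()
    age_days = (time.time() - os.path.getmtime(backup_path)) / 86400
    return check_backup(primary, backup, age_days, max_age_days)


# Constructed sample: a KDBX 4.0 signature and version followed by stand-in
# ciphertext bytes. Only the signature is inspected, so no real database is needed.
SAMPLE_DB = struct.pack("<III", KDBX_SIG1, KDBX_SIG2, KDBX_VERSION_4_0) + bytes(range(256)) * 4
# A bit-flipped copy: one byte of the body differs, as a disk or copy error might produce.
CORRUPT_DB = SAMPLE_DB[:100] + bytes([SAMPLE_DB[100] ^ 0x01]) + SAMPLE_DB[101:]
# A truncated copy: the transfer to the USB drive stopped partway through.
TRUNCATED_DB = SAMPLE_DB[:40]


if __name__ == "__main__":
    for name, copy in [("good", SAMPLE_DB), ("corrupt", CORRUPT_DB), ("truncated", TRUNCATED_DB)]:
        print(name, check_backup(SAMPLE_DB, copy, backup_age_days=3))
```

Note that the truncated copy still passes the signature check, because the magic bytes survive at the start of the file; only the hash comparison catches it. That is why the check compares content rather than trusting a plausible-looking header, and why the staleness test matters: a backup that matches a months-old primary is not much of a Plan B either.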
If it came out tomorrow that KeePass was somehow compromised, I would personally have no issue moving all my passwords over to Bitwarden. As I said, personally I trust Bitwarden. I’ve been keeping up with them. They seem like a really ethical company. They passed a security audit this year with flying colors. They’re transparent, and they state how they make money. They are regarded as a good choice in the privacy community.
So what does this have to do with Crypto AG and Omnisec? That we always need to keep a Plan B in our back pockets. Again, that does not mean to panic ourselves to death and freak out. “Oh no, what if Bitwarden is compromised?” Honestly, the odds that Bitwarden AND KeePass will both be compromised within a week of each other are pretty slim. If Bitwarden gets compromised, I’ll still have KeePass and I’ll look for a new Plan B. If KeePass gets compromised, I’ll move to Bitwarden and start finding a new Plan B (or Plan A, maybe the move is just temporary).
There’s also an entirely separate blog post in this Crypto/Omnisec story about the superiority of open-source. You can read that over at my personal blog at write.as/thenewoil. In the meantime, the moral is that if you don’t have a security and privacy Plan B, now is the time to come up with it. If your primary messenger is Signal, what will you do if Signal gets cracked tomorrow? If your email provider is ProtonMail, what will you do if they turn out to be a honeypot tomorrow?
Now is the time to do your research and make your plans. Jordan Harbinger says to “dig your well before you're thirsty.” If you haven’t started digging, grab a shovel.
Article received from and published on behalf of regular decentralize.today blog contributor, The New Oil