[liberationtech] Lavabit stored user passwords in plaintext?

Tom Ritter tom at ritter.vg
Wed Aug 14 17:27:00 PDT 2013


On 14 August 2013 19:30, Bernard Tyers - ei8fdb <ei8fdb at ei8fdb.org> wrote:
>> IF, (big IF) my understanding of Lavabit's architecture is correct,
>> then if you gained access to the user's SSL session, and then also
>> access to Lavabit's server where the user's data and (encrypted)
>> private key is stored - yes you'd have undermined the whole thing.  *
>>
>> There's another thread on LibTech speculating about just what the
>> government asked Lavabit to do.  In it, Joseph Lorenzo Hall theorizes
>> that they were asked to sniff on people's passwords (or their private
>> keys) in memory so the government would be able to decrypt their mail
>> or private key into the future.
>
> I have *a little* experience (a long time ago) of using RAM Cache for holding databases to speed up retrieving results to search queries - similar idea? In this case, holding users' passwords in volatile memory for security?

Um, it probably just stores it unencrypted as a variable in a running
program's memory.  But if for some reason they needed to be written to
a disk-like thing, for use in other tools, yes I would recommend a
ramdisk. (I'd actually recommend a ramdisk that uses an encrypted
filesystem but that's kind of ancillary here.)

> Presumably this would be an easier job to do instead of attacking SSL sessions, since you (the operator) have total access to the hardware?

Right, if you _are_ the operator, or have access to their
infrastructure, you'd get the keys out of RAM, or more easily just add
a line of code that logs them.


-tom
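Editor's added example (not code from the original post, and not Lavabit's real implementation, which the thread only speculates about): a toy Python model of the design being discussed, where the server keeps each user's private key encrypted under a key derived from the login password and decrypts it when the user logs in. The MailServer class, the usernames, the sample key and the toy HMAC-based stream cipher (a stand-in for a real AEAD so the example needs only the standard library) are all assumptions made for illustration. It shows the two points Tom makes: once TLS is terminated the password is just a variable in the server process, and an operator needs nothing more than one added line to log it and then unlock the stored key later, with the user long gone.

```python
# Added example, not code from the original post or from Lavabit: a toy model of
# the design discussed in the thread (server holds the user's private key
# encrypted under a password-derived key) and of the operator's "one line of
# code that logs them". Stdlib only; the toy cipher stands in for AES-GCM.
import hashlib
import hmac
import os


def kdf(password: str, salt: bytes) -> bytes:
    """Derive the key-encryption key from the user's password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _keystream(key: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode; a stand-in for a real cipher, not a recommendation.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || HMAC tag."""
    nonce = os.urandom(16)
    stream = _keystream(hashlib.sha256(key + nonce).digest(), len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong password or tampered blob")
    stream = _keystream(hashlib.sha256(key + nonce).digest(), len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


class MailServer:
    """Hypothetical server: stores each user's private key encrypted under a
    key derived from the login password, and decrypts it at login time."""

    def __init__(self):
        self.users = {}        # username -> (salt, encrypted private key)
        self.capture = False   # flipped by the operator, or by anyone with a shell
        self.captured = {}     # username -> plaintext password

    def register(self, username: str, password: str, private_key: bytes) -> None:
        salt = os.urandom(16)
        self.users[username] = (salt, toy_encrypt(kdf(password, salt), private_key))

    def login(self, username: str, password: str) -> bytes:
        # After TLS termination the password is just a str in this process's
        # memory; nothing in the design prevents the next line.
        if self.capture:
            self.captured[username] = password   # the "one line of code that logs them"
        salt, blob = self.users[username]
        return toy_decrypt(kdf(password, salt), blob)

    def operator_unlock(self, username: str) -> bytes:
        """Later, with the user gone: replay the logged password against the
        stored blob. No TLS attack and no memory forensics needed."""
        salt, blob = self.users[username]
        return toy_decrypt(kdf(self.captured[username], salt), blob)


PRIVATE_KEY = b"-----BEGIN CONSTRUCTED TOY PRIVATE KEY-----"   # constructed sample


def demo() -> dict:
    server = MailServer()
    server.register("alice", "correct horse battery staple", PRIVATE_KEY)

    normal = server.login("alice", "correct horse battery staple")
    try:                                    # the KDF/tag check still rejects a bad password
        server.login("alice", "wrong password")
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True

    server.capture = True                   # operator is compelled or compromised
    server.login("alice", "correct horse battery staple")
    captured = dict(server.captured)
    offline = server.operator_unlock("alice")   # session is over; key still recoverable
    return {"normal": normal, "offline": offline, "captured": captured,
            "wrong_rejected": wrong_rejected}


if __name__ == "__main__":
    r = demo()
    print("captured:", r["captured"])
    print("key recovered offline:", r["offline"] == PRIVATE_KEY)
```

The thing to notice is that the hardening knobs people reach for (strong KDF, authenticated encryption, an encrypted ramdisk for anything that touches disk) change nothing here: the design requires the plaintext password to exist in the server process, so whoever controls that process gets it. Only moving the decryption off the server, into the client, removes the capture point.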


