Sunday June 05, 2016

Password App Developer Overlooks Security Hole To Preserve Ads

Do you use KeePass to manage your passwords? The developer is allegedly letting a flaw in the program slide because fixing it would mean a loss of ad revenue.

To his credit, Reichl notes that he'd like to move to encryption as soon as he believes it's possible. You can also verify that you're getting a signed download, if you're worried. However, it's still contradictory to develop a security-centric app and decide that security should take a back seat. Even if it's true that ad income would take a steep hit, the consequences of knowingly exposing people to attack (including alienating those who once trusted the password tool) are likely far more severe.