undefined | Better HN

0 pointspsanford5mo ago0 comments

Yes. It is a nice report that does not engage with 1password's security model at all. 1password specifically says that they do not think it is feasible to defend against locally executing malware.

0 comments

dangus5mo ago

“Not feasible” except that the author of the article provided a list of relatively low-effort solutions that 1Password could implement to improve the situation.

I’m pretty sure defending against locally executing malware is something that companies like Apple and Microsoft work on daily. The idea that it’s not “feasible” sounds suspiciously lazy.

krater235mo ago

Especially Apple works on that on the iPhone by scanning every new app and leave the customer only install that one that are signed by Apple itself. And they still fail with it.

j / k navigate · click thread line to collapse