No FUD intended. Given the option, when the alternative is manual entry, many people will use the pasteboard, security be damned. In other words, convenience can be an important part of security.
As for root, while I completely agree, I guess I just prefer concrete examples. Even when running as root, one can never do "anything" for free, and costs are always important to security. Writing a dtrace script is much easier than reverse engineering...well, pretty much anything.
But I'm honestly more interested in how you feel your solution improves upon Keychain's security.
As for root, while I completely agree, I guess I just prefer concrete examples. Even when running as root, one can never do "anything" for free, and costs are always important to security. Writing a dtrace script is much easier than reverse engineering...well, pretty much anything.
But I'm honestly more interested in how you feel your solution improves upon Keychain's security.