[bisq-network/proposals] API security (#69)
Florian Reimair
notifications at github.com
Wed Jan 23 11:35:43 UTC 2019
Ah ok, so you would simply replace a memorable password with the JWT token. In that case I agree that there is no added value; there might rather be a greater attack surface, as a memorized password is not digitally accessible (given it is not stored by the browser or other parts of an OS), while a token is. Never trust the browser, especially when it comes to riches.
And be aware that you might not be able to foreclose XSS attacks completely (this might be considered a kind of man-in-the-middle in this case). This attack happens before Tor and the only defence is the browser itself. And of course, a simple password might not protect against this attack (as the user might not realize what is going on and provide the password anyway).
2FA: please be aware that if you use one of the cheap 2FA technologies (i.e. a phone), the whole advantage is cancelled if the user uses the very same phone to do the remote controlling via the API. Other technologies (https://en.wikipedia.org/wiki/Universal_2nd_Factor and its hardware tokens, for example) have a hard time being used on phones (although RFID-enabled phones and the required software are coming).
What I wish to see being added is the option to disable the API via settings/command line parameter. Only a service that is not offered can be truly secure.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/proposals/issues/69#issuecomment-456769618