Stories
Slash Boxes
Comments

SoylentNews is people

Password App Developer Overlooks Security Hole to Preserve Ads

posted by cmn32480 on Monday June 06 2016, @02:22PM   Printer-friendly
from the they-gotta-be-kidding dept.

Fnord666 writes:

An engadget story has the following to say about KeePass2 and developer Dominik Reichl:

Think it's bad when companies take their time fixing security vulnerabilities? Imagine what happens when they avoid fixing those holes in the name of a little cash. KeePass 2 developer Dominik Reichl has declined to patch a flaw in the password manager's update check as the "indirect costs" of the upgrade (which would encrypt web traffic) are too high -- namely, it'd lose ad revenue. Yes, the implication is that profit is more important than protecting users.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Password App Developer Overlooks Security Hole to Preserve Ads | Log In/Create an Account | Top | 47 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Wednesday June 08 2016, @06:24PM

    by Anonymous Coward on Wednesday June 08 2016, @06:24PM (#356940)

    the engadget author is an idiot. the commenters on engadget are idiots. this story also woke all the idiots who visit this site. The keepass2 site should use tls but that's hardly a "vuln" (as typically used) in the app itself. you use a phischer-price operating system, with plenty of other apps with insecure code and update mechanisms then you whine about keepass2? Downloading all your slaveware from all over the place. Most these same appalled whiners don't check the sig either i bet. even the moron at engadget has screenshots using a windows computer. I'm supposed to take that idiot seriously? lmao....