You can login multiple times with SAFE Network account from different computers

@Blindsite2k and I just found out that you can log in with the same creds from different computers. From his computer he was able to upload data to my private data.

At first it seems fun that you can login from different computers, but the fun stops when an attacker can just upload, edit and delete people their data.

@mav had a question about account recovery, but I think we also need 2FA to protect against attacks. The thing is, if an attacker has an keylogger they can just type over what you type when you log in and also be able to log in. Maybe there is a solution. If you log in first and others are not able to login again, unless they type in the next 2FA that is provided to you. This means that they need your phone to login for the second time, asuming that you will be quicker with logging in.

There is yet another problem, what if an attacker can use an automated script to login, that logs in before the user logs in? Maybe this can be overcome, that users are no longer required to click on “login”. So as soon as they type in the last digit needed for the 2FA they are automatically logged in and this closes the window of opportunity for the attacker to be first.

1 Like

Just a thought here. As far as I know a keylogger can’t register mouse movements. What if one developed a passpuzzle type thing that one solved by following a trail or something using the mouse. You know follow the marked trail using the mouse. It could be totally random and generated as many times as needed. We can’t assume someone has a cellphone but most people have a mouse.

4 Likes

Let’s go crazy:

Thing is do we got the budget for all this stuff?

Can you provide resources to the SAFE Network, without having to login? I would say yes the way the SAFE Vault, works now, but at some moment you’ll need an address to receive SAFEcoins.

1 Like

Yes and as the video points out there are virtual keyboards as well. So having 2Fac authentication isn’t the only option. The key is giving people additional log in options and security protections as tools to have at their disposal. A user may choose to use them or not, either all of them, some of them or none of them. But at the end of the day the important thing is to have the options available to the user.

1 Like

how would the network know your mobile phone number anyways ?

Personally I feel like this is a non-issue. Once your credentials have been stolen you should accept your account has been compromised and all your data is vulnerable. Whether you are currently logged in or not.

Any sort of second authentication, such as a mobile phone, removes privacy from the user. I would not want my personal details attached to my account.

You have touched on a few issues here which seem much worse to me that multiple logins. Denying a second login means a malicious attacker could log into your account and not log off until you paid him a random. He can deny you access to your files indefinitely. Without such a feature you both still have access to the files.

This is simply false. There are keyloggers that regularly take screenshots of the screen and when a user clicks. Even multiple mice do not secure you after multiple viewings.

2 Likes

Of course you can, that is the whole point of the network.

Can´t see how 2FA is possible without depending on a 3rd party. Anyhow, I don´t see why there shouldn´t be an app to additionally encrypt your data if that´s what you want.

4 Likes

I don’t think it needs your phone number, you could download an app like Google Auth (but let’s not use centralized auth) and just scan the qrcode and login. Thing is Maidsafe doesn’t have the budget for all this fancy security yet.

Bro when you loose all your SAFEcoin and privatedata, I think you’ll have a different idea about that.

There are also solutions as Yubikey

If an attackers got you creds and they can’t just login, because they need a 2FA, then your account can’t be access by them, if you the SAFE launcher denies access for the attacker. They would need your 2FA device to login, if after your first login the door is closed behind you.

SQRL makes login possible without a 3rd party

The whole point is security and it would be handy to have options. But maybe I’m just overly paranoid and these stats means nothing to no one, because we all have antivirus and safe computers.

https://www.av-test.org/en/statistics/malware/

Maybe the most secure way is to login via a bootable CD, con is that you’ll have to create a new one every time that the network gets an update.

1 Like

I see no issue being able to log onto your account from one or many locations.

If an attacker has your credentials then you would have to stay logged on forever if SAFE only allowed one login at a time.

I would see it a distinct major disadvantage to limiting it to one only login at a time. Imagine you go to an important meeting or letecure or whatever and you left your computer at home signed into SAFE. Then you could not get your data/research held in private storage.

What about payments out and about and you left your PC at home logged in. Cannot pay anyone then because you couldn’t log in

Then the network would have to have a concept of “logged out”

If your credentials are found out then a limit of one login at a time is not going to help you except in the rare cases where you know about the credentials found out, or you never log out. It would just inconvenience the attacker.

2 Likes

What I describe above would not limit you to one login. One login is if you entered your 2FA once. You could login on another device/location if you typed in your 2FA again. Your login is limited to the usage of your 2FA, but this would stop an attacker in their track because they don’t have your 2FA device.

Sorry I was just addressing your opening premise.

No problem bro.

I’m just being highly concerned again about possible attack vectors, for us as a community. I’ll just use an bootable Ubuntu CD, but I don’t think everybody will be that extreme paranoid to connect to the SAFE Network.

Beside keyloggers, we’ll probably just have a lot of people just writing down their creds on a piece of paper, which is scary. The more SAFEcoin’s fiat price goes up and the SAFE Network is used, the more the community members might be targeted by attackers.

I expect that before Safe gets popular we will have many hardware security options. Bitcoin wallet hardware is getting more and more competitive and feature rich, and will include Safe related features quickly.

1 Like

Actually that would be a big disadvantage for everyone who intends to be logged in with different devices at the same time #3devicesatatime

I think @19eddyjohn75 you are overthinking this (positively, I´d say). Your concerns are really important, but they can and will be addressed once the raw network is there. The type of security you are asking for is a usecase for mainstream users who need high security out of the box (because they don´t care enough for themselves). Solutions you are asking for can be implemented by using applications or hardware, they don´t have to be done at core level. We are still far away from a release candidate. Wait for mainstream traction and solutions like these will become necessary and built - but that´s still years ahead. For now I think we definitely have to leave this aside and let Maidsafe focuss on the mechanics of the network.

2 Likes

I agree that this doesn’t seem to be much of an issue and I don’t see much protection in restricting the user in this case.

Slightly off topic and likely also intended; I have 3 accounts with separate login credentials and separate services, but only have to login to one account for all services from all accounts to start hosting and become accessible.
Can someone help me understand this? Are they already replicated and permhosted?

Not sure what you mean there @govspiders. You aren’t really hosting your own services, they are just added to the network being served from the network vaults. You shouldn’t have to be logged in to have a previous service remain on the network.

3 Likes

Big chunk of misunderstanding on my end then! :slight_smile:
I keep my launcher open 24/7 as if it is helping something sadly lol
Thanks for the correction xD

1 Like

i want to be able to log into one account with multiple devices in parallel Oo …

4 Likes

Glad I could help @govspiders!

1 Like

Well “logging in” means in these architectures pbkdf [1] based (and similar) and “password never leaving computer” but the pbkdf result (and more misc tech details) simply pointing to your “master record” and thus credentials on the already existing and persistent network, does mean you can “log in” a.k.a. access this piece of essential primary data. Accessing doesnt have limits or means limited to certain number of sessions or times. Access limits imposed could maybe implemented via higher level means but do not come as a fundamental property of such networks.

[1] compare https://en.wikipedia.org/wiki/PBKDF2

The moment your knowledge of these credential(s) (pbkdf and more, the stuff you type into the launcher) become shared, you have essentially lost your soley control to this initial boostrap piece of data that is the root objcect to your account.

This doesnt necessarily mean that you are completely hosed. In fact back in the old days, some of us still with wuala and trying to advocate for some implementation of neat features, there was the demand of a related situation. The wuala gui could save (for the lazy, but meaning strings attached) the credentials, and eventually there were quite a number of wuala users, who simply forgot their credentials.

As long as this wuala instance (and in fact some cookie and magic data and similar local stuff that had been saved to the locally wuala running machine) was still available and doing okay, the user could still access its wuala account. Wuala used pbkdf and similar as well, it never sent passwords across anywhere by design, one could always and every time “log in” aka access the account that was distributed amongst all wuala participating nodes and such. So well the users forgot their credentials, and it had been asked if wuala folks could not simply implement a function into the gui, that would recreate and rewrite this root object of the users account and be able to request a new protecting password from the user on the locally running gui. According to my understanding this would have been a possible implementation, but the wuala guys never approved of or never cared.

Another use case would be you forgetting your logged in account on some remote location, friends machine, library, work, relatives or wherever or you being paranoid and not sure about all the plenty places your stuff is in use, so you can simply override with that special recreate root object function, and all other active “sessions” would simply eventually fail to access this (now changed) object and fall or drop out again from accessing the users sub-tree as the top-level objects properties have changed.

This is of course not a means to prevent a evildoer who does have hold of your valid credentials, and then him being first to do this root-object change instead of you, and thus locking you out of your own stuff, so dont mistake it as a solution for that fundamental problem.

But re-securing a maybe shared account would be very much possible with a feature and implementation I guess.

Guess lessons learned about this for anyone implementing related stuff: Either never allow for a user to save their credentials and essential information into the depths of some gui and high level launcher app or similar, or offer such a re-set function when there is still access to the base object of an account for the user to regain full access to the re-created root object again in case of lost credentials. This is not a send me my password function.

1 Like