Followup: Password Manager changes (coming in FF3 Alpha 5)

As I’ve previously blogged about, I’ve been working on some changes to the Firefox Password Manager. The first part, a long slog of untangling and porting the old C++ code to JS, is now complete.

The code landed earlier this month via bug 374723, and as part of the change it’s been renamed to “Login Manager”. This work was all backend work, so there are no user-visible features yet… That part comes next. And did I mention test cases? There are now automated test cases! Double-plus yay!

These changes should now make it much easier to write a component integrating Login Manager with the OS X Keychain (or the Gnome Keychain, or whatever). Basically, the code just has to implement the nsILoginManagerStorage interface and add some glue to make the Login Manager use it. Unfortunately this isn’t a high-priority item at the moment, but if anyone in the community wants to pick up the torch I’d be happy to help with the integration. There’s already some code in Camino for Keychain, although I don’t know what state it’s in.

Finally, the new Login Manager has one downside… The interfaces for using it have changed, so extensions that might have been using the old interfaces will need to be updated to use the new ones instead. But the interfaces are documented, and there’s a usage writeup on DevMo. There may be some more minor API tuneups before FF3 is released, but I’m not expecting anything major.

“We shred every day.”

Erring on the side of security can sometimes be a little frustrating…

A few months ago I junked my aging paper shredder. I had purchased it for about $25 some years prior, but it had become rather cranky and instead of shredding paper it mostly just… mangled. When it wasn’t busy jamming itself. So, I appended a “buy new shredder” task to my To Do List and diverted various home office trash to a To Be Shredded Pile… Paid bills, legal documents, bank statements, etc. [No juicy secrets here, I’m afraid. Just a sensible precaution against identity theft.]

Fast forward to last week, and I was still sans shredder but with a sizable stack of records awaiting destruction. I had been shopping around, but hadn’t found a model I liked.

The most basic (and cheapest) models are “strip cut” shredders. They work by — wait for it — cutting the page into long strips, usually 1/4″ wide. I think these models are just about worthless, as reassembling a page from such strips isn’t any more difficult than doing a jigsaw puzzle. A large producer of shredded waste (like a corporation or government agency) might be able to get away with this, since the overwhelming bulk is low-value bureaucratic paperwork. Finding a needle in such a haystack requires a lot of work. But even then, when there’s a will there’s a way… After the US Embassy in Tehran was seized in 1979, the Iranians reconstructed many documents that had been hastily shredded. And after East Germany fell, the Germans got busy processing 33 million shredded documents from the Stasi’s archives.

Here’s a random Flickr shot to illustrate the size of shredder strips:

For a shred with greater security, “cross-cut” models are the way to go. Instead of a 1/4″ wide strip running the length of the page, cross-cut shredders additionally chop up the strips into chunks that are usually 1-2″ long. They thus produce a lot more pieces for every page. Plus, this method provides some protection against user mistakes… If you feed a document sideways into a strip-cut shredder, the strips are just easily-readable lines from the page (a cross-cut shredder would only have a word or two per piece). Apparently some of the folks at the Enron shredding parties made this goof, and recovering those documents was much easier as a result.

So, then, buying a shredder should be a simple matter, right? Well, ugh, not so much… There are a zillion brands available, each with different capacities and shred size. And to make things worse, all but the most basic models seem overpriced to me; the $500 shredders do the same thing as the $25 shredders. Sure, the motor is bigger and beefier, but $475 bigger?!

I got the better of my indecision by throwing fiscal responsibility to the wind and buying Staple’s 770M “Microcut shredder”. $150, but at least it was on sale. It has the smallest shred size (2mm x 8mm) of any shredder I could find, so I figure if I’m going to buy an overpriced shredder I should at least get some better security out of it. Here’s the results:

In the end, consumer-grade shredders — even cross-cutting microshred models — don’t offer ultimate security. There are now companies such as ChurchStreet Technology, who use optical scanners and sophisticated software to automatically reassemble shredded scraps. But these services are very expensive (up to $10,000 per cubic foot!), and I think the process of scanning lots of little pieces of paper likely to always remain relatively expensive and slow. In other words, someone snooping is much more likely to go after an easier target. Security, as always, is relative.

More info:
* Wikipedia’s Paper shredder page
* “Back Together Again”, article in the New York Times discussing shredders, document recovery, and more.