hello,
I am testing BucketExplorer and like it very much (although I would prefer a native Windows program instead of Java, but I understand the lure of writing for multiple platforms).
When I save my AWS Access Key and Secret Key in a Named Quick Connect slot, where is this data kept?
In the Windows registry?
Or in a config file on the filesystem?
Is this data encrypted so a casual user cannot view the config file and see my Access key and Secret key?
thanks, Rick
Access Key/Secret Key Encrypted When Saved in Quick Connect?
4 posts • Page 1 of 1
Access Key/Secret Key Encrypted When Saved in Quick Connect?
by RickKruer on Fri Jan 11, 2008 7:45 pm
- RickKruer
- Posts: 4
- Joined: Fri Jan 11, 2008 7:39 pm
- Location: Mesa, Arizona 85213, USA, Planet Earth
Re: Access Key/Secret Key Encrypted When Saved in Quick Conn
by saurabh on Fri Jan 11, 2008 7:56 pm
RickKruer wrote:hello,
I am testing BucketExplorer and like it very much (although I would prefer a native Windows program instead of Java, but I understand the lure of writing for multiple platforms).
We are getting more Mac & Linux users then what we had originally hoped. So, this was truly a good choice for us:)
RickKruer wrote:When I save my AWS Access Key and Secret Key in a Named Quick Connect slot, where is this data kept?
thanks, Rick
It is stored in a file called BucketExplorer.xml, and that file is stored in same folder where BucketExplorer.exe is extracted. We do NOT even TOUCH the registry. You can take the entire bucket explorer folder on a USB key and use it from any machine. Even the installer does not write anything to registry. Its "Self Extractor zip" and not an installer.
Yes the keys are encrypted in that XML file.
Thanks
Saurabh
- saurabh
- Posts: 60
- Joined: Tue Aug 26, 2008 8:30 am
by RickKruer on Fri Jan 11, 2008 8:19 pm
Thank you for the info about the secret keys kept in the XML file. I am wondering how "strong" an encryption do you use on this or it is a simple scramble that would be easily discovered by reversing the scramble?
Also, I am concerned about the security of using Quick Access, since Bucket Explorer permits direct access to my files on AWS, anyone that can access my computer and start Bucket Explorer has keys to the kingdom of all my unencrypted files on AWS.
I realize I can NOT use Quick Access, but that is a real pain to enter both the Access key and Secret key each time I start Bucket Explorer.
Would it be possible to add a "user defined password" option that would be required to start Bucket Explorer. Alternately, you could make the Quick ACcess item require a password, so that when I select a Quick Access item then BE will prompt me for the config password.
thanks, RIck
Also, I am concerned about the security of using Quick Access, since Bucket Explorer permits direct access to my files on AWS, anyone that can access my computer and start Bucket Explorer has keys to the kingdom of all my unencrypted files on AWS.
I realize I can NOT use Quick Access, but that is a real pain to enter both the Access key and Secret key each time I start Bucket Explorer.
Would it be possible to add a "user defined password" option that would be required to start Bucket Explorer. Alternately, you could make the Quick ACcess item require a password, so that when I select a Quick Access item then BE will prompt me for the config password.
thanks, RIck
- RickKruer
- Posts: 4
- Joined: Fri Jan 11, 2008 7:39 pm
- Location: Mesa, Arizona 85213, USA, Planet Earth
4 posts • Page 1 of 1
Return to Suggest a new feature
