Replying to Avatar Diacone Frost

I admit that I didn't look closer to brave sync and pwd management, because I somehow don't trust them (or even chromium).

On the other hand bitwarden code was internally audited in our company and I do trust our guys (who I know personally) and theirs skills.

Anyways, the seed phrases (and other really sensitive shit) I keep in a keepass db in an always offline VM and usb sticks (even LUKS protected LOL).

I don't have anything physical (like steel engraved or paper) because hackers are not my concern, police raid is.
Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

this brings up the point that you should make your recommendations in the context of a threat model

bitwarden is for one of them, and very near it is google's password storage

brave sync is a different model which is about protecting against remote breach

you may be concerned about a physical breach in the form of police raid, but you haven't even considered that far more cheap and effective is a remote breach, for one thing, you may never know it happened, and for another thing, it doesn't require people in a physical location to perform

i'm not sure why police raid is your concern, and why if your concern is police raid you have not long ago planned an exit from the jurisdiction where this physical threat is so grave

Reply to this note

Please Login to reply.

Discussion

Avatar
Diacone Frost 1y ago

I agree. As I said I keep some things electronic but strictly offline. Some I do not (like logins to non-critical systems). And some we share within our family.

As for jursdiction, I'm not affraid right now, but still a(ny) state can change the game rules at any moment.

(Not to mention good old physical robbery)

I'm doing recommendations of any sort. This is just how I, personally, keep my things organized and portion of secrets shared within my familly. brave is not very useful for that particular use case. And I have trust issues with them ; still a shitcoin company 😂

And I'm very far from telling ppl what to do. Here are options, DYOR, use what works best for you and your use cases.