Gregory's ServerUnilaterally here appears to actually mean: After notice and discussion, the core app requires attack surface reduction spurred by threat model change. Feature add version available for those with needs/tolerances for riskier surfaces.
|
6 comments
 @bkw777 @tab2space @paul_ipv6 why would we develop and maintain and personally use a feature we don't trust. Use your noggin, we eat our own dogfood. @keepassxc @tab2space @paul_ipv6 Presenting a non-sequiter like that as an argument places you in a not-great position from which to try to talk about anyone else's failure to use any noggins. Your heat here seems very weird to me. Defensiveness isn't warranted. Chances of problems scale with complexity. A feature with no known bugs still has a chance of bugs being discovered later. If the feature implementation isn't present, however, then those bugs don't affect the release without the feature. I encourage you to embrace the options of being able to use core functionality, while adding access methods tailored for a user's risk appetite.  @bkw777 @yoshir @bkw777 @paul_ipv6 |
@tab2space @keepassxc @paul_ipv6
That keepassxc devs themselves don't agree, and think conveniences are more important than security *in a password manager* makes me question the wisdom of using keepassxc as ones keepass client.
All the users I can forgive (well, not them either but it's at least expected if still not excusable) but the actual devs of a password manager?