Yes. It is a nice report that does not engage with 1password's security model at all. 1password specifically says that they do not think it is feasible to defend against locally executing malware.
Yes. It is a nice report that does not engage with 1password's security model at all. 1password specifically says that they do not think it is feasible to defend against locally executing malware.
“Not feasible” except that the author of the article provided a list of relatively low-effort solutions that 1Password could implement to improve the situation.
I’m pretty sure defending against locally executing malware is something that companies like Apple and Microsoft work on daily. The idea that it’s not “feasible” sounds suspiciously lazy.
Especially Apple works on that on the iPhone by scanning every new app and leave the customer only install that one that are signed by Apple itself. And they still fail with it.