Profile decryption problem after last update
-
@syklist said in Profile decryption problem after last update:
And another one. A Raspberry Pi 5 running debian bookworm XFCE and Vivaldi stable has just started up with the profile chooser dialogue. This computer has been updated regularly, has only one user and only one DE and Vivaldi only has one Profile. As with all the other recent cases Vivaldi sync is not enabled.
I accepted data loss and continued with my existing profile. All was as before except when I tried to log into Vivaldi mail the password was not auto-filled. It appeared that my passwords had gone.
However, I restarted Vivaldi and checked under "Saved password" only to find that my passwords were still intact. My passwords are now exported.
I remembered last night that I had seen this behaviour on an x64 computer running Xubuntu 22.04 a few weeks ago. On closing the profile chooser window and starting Vivaldi again it opened up as normal and all passwords were retained.
So far the only device that I use regularly that (touch wood) hasn't shown the Profile chooser pop up is my PinePhone Pro. The difference between that device (besides I use two different but Gnome based DEs on it) and all the others is that I am running the OS off a microSD card. All the others either use eMMC or SSD drives.
Could it be something as simple as faster drives mean that Vivaldi opens up too quickly and the password manager does not respond in time?
Which causes one of two results, benign failure, closing the profile choose and restarting Vivaldi fixes all problems or password loss if you choose to continue with your default profile.
What is the default timeout in Vivaldi for communication with the OS's password manager? Can it be changed from the CLI with a flag or another flag to make Vivaldi start up more slowly?
-
@syklist you can use steps described in → this thread
to diagnose if/when the key store has access issues.On timeout during unlock/response (interactive password request) I normally just get a blank window and have to manually restart
Vivaldi. -
@becm said in Profile decryption problem after last update:
@syklist you can use steps described in → this thread
to diagnose if/when the key store has access issues.On timeout during unlock/response (interactive password request) I normally just get a blank window and have to manually restart
Vivaldi.Thanks, I will take a look at that when I get a bit of time during the upcoming holidays.
-
Like others in this post, I haven't been mucking around with profiles. I'm running version 7.03 on Fedora 41 and never mess with profiles and haven't made any other changes to this linux installation since I updated it to 41 a month or two ago, other than regular automated (or through dnf) updates. This profile pop up reappeared for I think the third time in recent months. I'm also using the same version of Vivaldi and Linux on a new Lenovo laptop and so far the problem has not appeared on that machine.
Judging from the posts here, the Vivaldi development team really doesn't have any idea of how to fix this, much less what's causing it. Regretfully I'm going to have to go back to Opera until someone can figure this out because I have neither time nor patience to mess with "keyrings" or whatever they are.
... and this just when I was thinking of making a financial contribution.
-
@andrewsjon Please keep in mind that we added the warning so that users would be warned if they where about to lose their encrypted data.
As far as we know all other browsers using such protection (at least Chromium based ones) continues merrily on their way, wiping your encrypted data in situations that would trigger our warning.
Also, keep in mind that the encryption key storage access code was written entirely by the Chromium team, who would probably be the correct addressee for any requests to actually fix the underlying issue.
One could perhaps, at least in the case of Linux, ask the various teams involved to agree to one keystore system.
But that may have the potential downside of the ever relevant XKCD comic (which probably also demonstrates how we got to the current situation for this particular technology):
Developer and Security Expert at Vivaldi.
-
@yngve I would agree in general. But since Vivaldi introduced the warning, I have lost access to my Vivaldi key storage five or six times overall. Never before. Sometimes just by closing and restarting Vivaldi (apparently) too quickly. I can’t explain what is going on, this shouldn’t be dependent on a warning message. Additionally I haven’t found steps to reproduce it reliably, therefore I haven’t reported it. But something is afoot.
-
@luetage I suspect whatever is happening it is not related to the dialog.
AFAIK (I was not involved implementing it) what the code does is 1) Detect if the decryption of data failed before the profile is initialized, 2) if so, display the warning, 3) depending on the user's decision, shut down Vivaldi, or continue.
-
@yngve said in Profile decryption problem after last update:
@andrewsjon Please keep in mind that we added the warning so that users would be warned if they where about to lose their encrypted data.
Please keep in mind that the first time I started losing access to my encrypted passwords was AFTER the warning was added.
-
@yngve said in Profile decryption problem after last update:
AFAIK (I was not involved implementing it) what the code does is 1) Detect if the decryption of data failed before the profile is initialized,
So perhaps there is something going wrong with this step?
An example of the idea that observing something either changes it or in some cases brings it into being?
Maybe the OS functions/APIs called by Vivaldi either have a hitherto unknown bug and/or the Vivaldi code to detect if decryption of the data store has occurred has made assumptions that turn out to have unexpected/undesirable results.
-
@luetage said in Profile decryption problem after last update:
Additionally I haven’t found steps to reproduce it reliably, therefore I haven’t reported it. But something is afoot.
Same here. There seems to be no rhyme nor reason as to why it occurs. I have a fair few devices running debian based OSs and it has happened to a handful of those devices. With both Vivaldi stable and snapshot. In the case of one device it has occurred more than once.
-
@syklist As mentioned, I was not involved (and I don't normally work in a Linux Desktop environment, usually only in a terminal).
What I know is that a QA that was involved with testing says that every time the dialog showed up on Linux for any of the testers, it was caused by having switched to a different Window System that used a different keystore.
My suggestion to you and anyone else that repeatedly see this warning without having switched the Window System should file bugs with as many details as possible about you system and what happens and especially what was done to the system between exiting Vivaldi the last time, and seeing the dialog again.
Developer and Security Expert at Vivaldi.
-
@yngve As said, I’ll do so when I find steps. Might just be a coincidence, perhaps Chromium made a change concurrently and the Vivaldi changes are not the cause.
-
@yngve said in Profile decryption problem after last update:
@syklist As mentioned, I was not involved (and I don't normally work in a Linux Desktop environment, usually only in a terminal).
I am fully aware that you have stated that you were not involved in the development of this feature. By engaging with you I am not trying to imply that you have any in depth knowledge of the code nor the development process. Apologies if I seem to be implying that.
Perhaps you could ask a collegue is involved in Vivaldi for Linux development to come and "ta en titt" at this and other threads that can be found in the Linux Desktop section of the forum regarding the appearance of the problem.
What I know is that a QA that was involved with testing says that every time the dialog showed up on Linux for any of the testers, it was caused by having switched to a different Window System that used a different keystore.
As I have mentioned switching desktops is definitely not the cause in the cases I have experienced. All the devices I have experienced the problem with have only ever had one DE installed.
My suggestion to you and anyone else that repeatedly see this warning without having switched the Window System should file bugs with as many details as possible about you system and what happens and especially what was done to the system between exiting Vivaldi the last time, and seeing the dialog again.
The problem I and others have mentioned is that in order to file a bug report we need
a) to know what we did to provoke the problem and
b) repeatable ways of triggering the problem.In the cases I have seen it seems to be
a) open Vivaldi at some time after the new warning about keystore decryption problems was implemented
b) none -
@syklist What I can tell you is I haven’t had this issue since opening the keyring application and deleting all entries belonging to Vivaldi/Chrome. This includes Chrome Safe Storage, Chrome Safe Storage Control, and a third unnamed application entry with an app-id for either vivaldi‐stable or snapshot, depending on what you are running. You will lose your logins one last time and then it might perhaps be fine. No guarantees, but it’s worth a shot.
-
@daniel
So I am trying to use X-forwarding. Can I create a profile on this machine and sync it to my profile on the originating machine? I have sudo privileges on both.Art Edwards
