 "Password Safe developer refuses to fix security issue for ad revenue")
KeePass, a popular free and open source password safe app developer, Dominik Reichl straight off refused to patch the security exploit in the KeePass app after the issue was brought to his attention back in February. The issue along with the live demonstration of the attack on how easy it is to exploit the flaw in the update mechanism of the app can let anyone with adequate knowledge perform MitM attacks (also known as Man in the Middle attacks).
KeePass won't switch update check to HTTPS because advertising on the site would break. Ads ruin everything.https://t.co/QkTRCz5Bbl
— SwiftOnSecurity (@SwiftOnSecurity) June 3, 2016
The response of the developer is a far cry from what is expected from the developer of a product that markets itself as the most safe and robust product for all the passwords that you use and have in your life. The priority to make the product secure should take centre stage instead of worrying on losing the advertising revenue from the change.
Ever since the security researcher decided to go out with the story, KeePass has been under scrutiny and ridicule all over the internet, especially the online communities and forums that specialise on cyber security.
Video Credits: Florian Bogner
 "Sistine Chapel's chief restorer Gianluigi Colalucci passes away at 92")
 "Microsoft fixes 113 vulnerabilities across 11 products including zero-day bugs"){kind=logo}
 "Password security is critical for an organisation's cyber defence: A few best practices")
 "Sistine Chapel's chief restorer Gianluigi Colalucci passes away at 92")
 "Microsoft fixes 113 vulnerabilities across 11 products including zero-day bugs"){kind=logo}
 "Password security is critical for an organisation's cyber defence: A few best practices")