Comment 1 for bug 237735

Disclaimer: I'm not a Wicd developer, so don't interpret my remarks as representative of their views...

I don't think I fully understand your situation. How will a client have that sort of access to your laptop? This sounds like a physical security issue much more than a bug in wicd.

That being said, I personally like the way it works now. Obfuscating the key is security by obscurity anyway - it *has* to be somewhere on the system, which means that it can be found. Even if wicd were to encrypt the key and then store that hash in the config file, wicd would also have to know how to reverse the hash to get the key to actually send to the access point, and since the algorithm to reverse the hash is part of wicd, it's a simple matter to get the plaintext key. Long story short, obfuscating the key might make users *feel* like the key is more secure, but it does little to nothing in actually making it more secure. JMHO, of course. :-)