From: Vadim Antonov avg@postman.ncube.com
Subject: religious wars
Date: Fri, 18 Aug 1995 04:51:22 -0400
Message-ID: <19950818085122.vXECnlE6w5lbGEfaifcl-WvPDcgBoevfo7Lqaa7xG84@z>
Well, I'm not against better security -- as long
as it can be tuned to fit the requirements.
Note that the option I added *is not on by default*.
Let me reiterate that the security level should be
adequate in regard to the value of information.
By not providing the low security you effectively
eliminate the whole class of applications for the
system.
"What? Give securenet keys to all people who want
to log into the xxx account? I don't even know
them!"
BTW, I appreciated the joke about management not
wanting you (designers of the system) to see their
information :)
The session stealing attacks do not have to be
easily identifiable, and in fact they are already
happening, as the knowledge is becoming more common.
Also, while the "passive snooper" is a nice theoretical
model, in the data world all passive snoopers have
capability for active interference by definition.
One-time passwords are a mere deterrent, not the system
a determined hacker can't break. Cleartext passwords
are also a deterrent. I may choose not to protect the
system at all and use the police as a deterrent.
Please don't force the choice of security level down
the system administrators' throats. They know the
local circumstances better. In our village doors are
left open more often than in yours :)
It is not a "religion", it is common sense. I saw
too many misguided efforts to improve security by
making it hard to use, to the net result that everybody
simply ignores the procedures. Ah, those proverbial
holes in fences of top-secret installations.
--vadim