A (not) new security idea
Brian Fahrlander
brian at fahrlander.net
Fri Oct 15 11:20:44 UTC 2004
On Thu, 2004-10-14 at 11:43, Björn Persson wrote:
[Sorry for the delay; I work third shift (2200-0600 local time]
> So you'd have some kind of identification on the USB memory, and if the
> passphrase you type matches that identification, you're logged in. And
> you'd use this on all the computers you use?
Well, whatever it is keeping them from doing it now, I suppose. We'd
have to exchange key data in a hash format a'la SSH; I'm sure there's a
way to keep it from being easy to sniff/steal. If not, SSL/SSH/etc
would have been routinely hacked on a widespread basis a long time ago,
no?
> What if you don't fully trust one of these computers? Maybe you're a
> user on a big campus, and you don't know who the administrators are. You
> don't even know how many people have root access. If just one of them
> isn't completely honest, they could install a piece of software that
> copies your ID from the keyfob and sniffs your passphrase as you type
> it. Then they can pose as you everywhere.
Well, I understand the concern; but if anyone can work this out, we
can....we don't have to beg and borrow from people holding patents,
etc. Aye?
--
------------------------------------------------------------------------
Brian Fahrländer Christian, Conservative, and Technomad
Evansville, IN http://www.fahrlander.net
ICQ 5119262
AIM: WheelDweller
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041015/c274c5ba/attachment-0001.sig>
More information about the fedora-list
mailing list