RE: [fw-wiz] A little paranoia for the weekend...

• Previous message: Celina Stevenson: "[fw-wiz] Re: cycle,Bad Credit is OK Gold Visa Card Approved"
• In reply to: Paul Robertson: "Re: [fw-wiz] A little paranoia for the weekend..."
• Next in thread: Paul Robertson: "RE: [fw-wiz] A little paranoia for the weekend..."
• Reply: Paul Robertson: "RE: [fw-wiz] A little paranoia for the weekend..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Paul Robertson" <proberts@patriot.net>, <ark@eltex.net>
Date: Tue, 29 Jul 2003 15:53:42 -0500

Paul Robertson said:
>
> On Mon, 28 Jul 2003 ark@eltex.net wrote:
>
> > Sure. That's what one-time passwords are for ;-)
>
> Classic security/admin mindset--
>
> The data is often much more important than the credential. Protecting
> the credential doesn't solve the problem for most situations. That's why
> we spent so much time as an industry on SSL, and not enough on Web server
> security.
>
In this case, however, it seems to have been the credentials that were
compromised. From what I have seen of gotomypc, their data security is
pretty good. The problem lies in keeping secure credentials that may be used
in god knows what kind of circumstances. The instance of the trojaned
terminal at some public location seems to be how this type of system would
be most likely compromised.
Josh

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Celina Stevenson: "[fw-wiz] Re: cycle,Bad Credit is OK Gold Visa Card Approved"
• In reply to: Paul Robertson: "Re: [fw-wiz] A little paranoia for the weekend..."
• Next in thread: Paul Robertson: "RE: [fw-wiz] A little paranoia for the weekend..."
• Reply: Paul Robertson: "RE: [fw-wiz] A little paranoia for the weekend..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]