Re: [fw-wiz] Off topic: Any one know of a good IPV6 reference book?
From: Joshua Hill (josh-lists_at_untruth.org)
To: "Marcus J. Ranum" <email@example.com> Date: Thu, 31 Jul 2003 21:36:18 -0700
Marcus J. Ranum wrote:
>If crypto is the answer, what is the question?
David Wagner wrote:
>What can we do about all those friggin cleartext passwords?
Marcus J. Ranum responded:
> Good point!!!
> A lot of us were saying cleartext passwords were dead in
> the early 90s, but SSL and SSH have breathed new life
> into them; I bet we'll have them forever, now. :( Which
> means that keyboard sniffers will continue to rule.
And what would those sniff-resistant non-crypto based alternatives to
passwords be then? Biometrics, perhaps? :->
Crypto has its part to play in system security; The central design
decision for crypto (just like any other security tool) is the engineering
decision of where to intelligently involve it.
firewall-wizards mailing list