Re: Secure Yahoo logins

From: David Thiel (lx@redundancy.redundancy.org)
Date: 08/28/02


Date: Tue, 27 Aug 2002 21:06:14 -0700
From: David Thiel <lx@redundancy.redundancy.org>
To: Nick Jacobsen <nick@ethicsdesign.com>

On Tue, Aug 27, 2002 at 08:36:40PM -0700, Nick Jacobsen wrote:
> it supports SSH(Secure Telnet)

SSH is not even remotely like "Secure Telnet".

> and SSL(HTTPS) decryption and sniffing, as

Only if you have the server's keypair.

> I guess my main point is that if you are having your users log in using
> "secure log in" for the express reason of making it so their password cannot
> be sniffed, it is pointless, as anyone can STILL sniff it!

There's a higher difficulty level involved with MITM attacks, and
measures can be taken to prevent and/or recognize such attacks.
SSL is not a panacea, but it's a useful layer of security. The
fact that MITM attacks exist is not proper rationale for abandoning
the use of encryption.
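
One way to recognize the kind of interception discussed above, as an added example that is not part of the original message: a trust-on-first-use pin store that records the SHA-256 fingerprint of the certificate a host presents and flags any later change. The host name, the sample byte strings and the function names are assumptions constructed for illustration. The check does not protect the first connection, and it cannot detect a party that holds the server's keypair, since that party presents the same certificate.

```python
import hashlib
import hmac
import ssl


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, hex encoded."""
    return hashlib.sha256(der).hexdigest()


def fetch_der(host: str, port: int = 443) -> bytes:
    """Fetch the certificate a server presents (needs network; unused in demo)."""
    pem = ssl.get_server_certificate((host, port))
    return ssl.PEM_cert_to_DER_cert(pem)


def check_peer(pins: dict, host: str, der: bytes) -> str:
    """Trust-on-first-use check.

    Returns "first-seen" (pin recorded), "match", or "mismatch".
    On mismatch the stored pin is kept, so one bad session cannot replace it.
    """
    seen = fingerprint(der)
    pinned = pins.get(host)
    if pinned is None:
        pins[host] = seen
        return "first-seen"
    if hmac.compare_digest(pinned, seen):
        return "match"
    return "mismatch"


# Constructed byte strings standing in for DER certificates (not real certs).
GENUINE_CERT = b"constructed-sample: certificate of login.example.test"
INTERCEPTOR_CERT = b"constructed-sample: certificate presented by an interceptor"


def demo() -> list:
    """Four connections to one hypothetical host; the third one is intercepted."""
    pins = {}
    host = "login.example.test"  # hypothetical host name
    return [
        check_peer(pins, host, GENUINE_CERT),
        check_peer(pins, host, GENUINE_CERT),
        check_peer(pins, host, INTERCEPTOR_CERT),
        check_peer(pins, host, GENUINE_CERT),
    ]


if __name__ == "__main__":
    print(demo())
```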