Re: Cryptography problem
From: Barry Margolin (barmar_at_alum.mit.edu)
Date: 06/24/04
- Previous message: Security Alert: "SSRT4770 rev.0 HP-UX 11.04 running Virtualvault, DoS"
- In reply to: Dean Hallman: "Re: Cryptography problem"
- Next in thread: Jim Grimmett: "Re: Cryptography problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Jun 2004 19:49:45 -0400
In article <Xns95117D739FEEDdeanhscrrcom@24.25.9.43>,
Dean Hallman <deanh@sc.rr.com> wrote:
> So, it doesn't necessarily have to be my software, as long as the
> request is authentic and not automated (actually entered in real time by
> a human at a keyboard). But, I believe the only way I can assure the
> later it by being the client.
Many systems provide ways to feed keystrokes to programs, so that users
can automate the use of GUI-based applications. So even if it's your
program sending the requests, it could still be automated.
As someone else mentioned, the only way to really be sure there's a
human involved is to require them to do something only a human is able
to do, like read a fuzzy word.
-- Barry Margolin, barmar@alum.mit.edu Arlington, MA *** PLEASE post questions in newsgroups, not directly to me ***
- Previous message: Security Alert: "SSRT4770 rev.0 HP-UX 11.04 running Virtualvault, DoS"
- In reply to: Dean Hallman: "Re: Cryptography problem"
- Next in thread: Jim Grimmett: "Re: Cryptography problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
