Re: dumb++ security
From: Ross Oliver (reo@roscoe.airaffair.com)Date: 02/23/02
- Next message: Ross Oliver: "Re: replicating permissions"
- Previous message: Nicholas Bachmann: "Re: checking if an interface went down"
- In reply to: David Means: "Re: dumb++ security"
- Next in thread: Murray Watson: "Re: dumb++ security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: reo@roscoe.airaffair.com (Ross Oliver) Date: 23 Feb 2002 01:32:49 GMT
David Means <dmeans-usenet@the-means.net> wrote:
>Encrypt the usernames/passwords using a strong encryption algorithm.
>Create a machine fingerprint and make the file unusable if the machine
>fingerprint doesn't match the one in the file.
Okay, I'll bite. How do you protect the encryption/decryption key?
It would appear to me that your method doesn't actually solve the
problem, just adds another layer. How does a "machine fingerprint"
(whatever that is) provide any protection? If I steal the data
from an encrypted file, the fingerprint doesn't change. Also, where
do you store this fingerprint?
- Next message: Ross Oliver: "Re: replicating permissions"
- Previous message: Nicholas Bachmann: "Re: checking if an interface went down"
- In reply to: David Means: "Re: dumb++ security"
- Next in thread: Murray Watson: "Re: dumb++ security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
