Date: Wed, 20 Mar 2002 10:52:57 -0500 From: David Gilbert <dgilbert@velocet.ca> To: Chris Johnson <cjohnson@palomine.net> Cc: Mitch Collinsworth <mitch@ccmr.cornell.edu>, security@FreeBSD.ORG Subject: [security] Re: Safe SSH logins from public, untrusted Windows computers Message-ID: <15512.45145.604882.548449@trooper.velocet.net> In-Reply-To: <20020319151512.E43336@palomine.net> References: <20020319144538.A42969@palomine.net> <Pine.LNX.4.44.0203191505380.1138-100000@ruby.ccmr.cornell.edu> <20020319151512.E43336@palomine.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Chris" == Chris Johnson <cjohnson@palomine.net> writes: Chris> I've travelled with a laptop for years, and that's what I Chris> usually use. But the hotels I stay in are in all parts of the Chris> world, and while we take cheap local phone access for granted Chris> in the U.S., in many countries it's exorbitantly expensive (the Chris> hotels charge a lot for it anyway). And ISPs that have Chris> world-wide dialup access charge by the minute. So Internet Chris> cafes and hotel business centers are frequently the most Chris> economical way of connecting to the Internet. You'd probably find that all those hotels are using some form of ethernet to connect their machine. If they're on a single dialup per machine, you can hack the windoze password and then use it. Simply connect the network connection to your laptop when you sit down. You can't to trusted work on an untrusted machine. This is the problem that the music/content industry is facing. There are things you can do that surf the law of averages --- like using s/key. The argument there is that what you're doing is unusual enough that the hacker will pick on easier prey. Dave. -- ============================================================================ |David Gilbert, Velocet Communications. | Two things can only be | |Mail: dgilbert@velocet.net | equal if and only if they | |http://daveg.ca | are precisely opposite. | =========================================================GLO================ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15512.45145.604882.548449>