Date:      Tue, 29 May 2001 19:27:18 -0400
From:      Robert Withrow <witr@rwwa.com>
To:        Matt Dillon <dillon@earth.backplane.com>
Cc:        Seth <seth@psychotic.aberrant.org>, Vivek Khera <khera@kcilink.com>, stable@FreeBSD.ORG
Subject:   Re: adding "noschg" to ssh and friends 
Message-ID:  <200105292324.TAA73334@ns1.rwwa.com>
In-Reply-To: Your message of "Tue, 29 May 2001 16:15:24 PDT." <200105292315.f4TNFOu31573@earth.backplane.com> 


dillon@earth.backplane.com said:
:- Putting on my security hat... no.  All you are doing is forcing
:- the hacker to use some more obscure and possibly less detectable way
:- to compromise the machine.  So, in fact, you could be making the
:- problem *worse*. 

Maybe your security hat needs cleaning?  The whole game is played by raising
the cost of hacking.  Using your theory, we should eliminate all passwords.
*Then* we'd be pretty sure no hacker would trouble himself by using any
obscure hacking methods.  (Of course, that would be like windows, wouldn't
it?)

No system is un-hackable.  But a prudent person raises the cost of hacking
the system (read that as raising the difficulty) so that it is larger than
the expected gain of hacking the system.  That is the best you can do.


---------------------------------------------------------------------
Robert Withrow, R.W. Withrow Associates, Swampscott MA, witr@rwwa.COM





