Need urgent help regarding security

[Arne Wörner]

--- Roger Marquis <marquis at roble.com> wrote:
> Obscurity is an important and wholly necessary part
> of the security toolkit.  Take passwords for example.
> Defining a non-dictionary password is security by
> obscurity.  It is, however, weak protection if you
> do not also log dictionary attacks and blackhole
> offenders before they can try many username/password
> pairs. 
>
I can say that again... :-)

I personally do not like passwords, because:
1. I could forget it.
2. A bad guy could treat me bad in order to get the password.

So I was very happy, when I found out, that ssh protocol offers
this passphrase-less, password-less RSA (today it seems to be DSA)
authentication, which seems to be very secure, and which makes me
uninteresting for authentication and for a bad guy (he or she only
needs my hard disc, which he or she can get without hurting me).

Maybe that could help in this specific security problem
discussion.

Furthermore I would ask, if it might be a good idea in this case
to use a good-guy list instead of a bad-guy list.

Ceterum censeo: Finger prints make everything worse (not just for
thiefs, who have to wear gloves nowadays), because I have heard of
a case, where a robber took away the ring-finger of his victim,
because his victim was unable to get off the ring (published in
german TV by a governmental broadcasting carrier (ZDF) in
"Aktenzeichen XY ... noch nicht gelöst" (which translates to "case
number XY ... not solved yet")). There has been a case near
Kiel,SH,F.Rep.Germ, where the robber became a killer, because the
victim refused to give 10USD, that belonged to his employer.

-Arne
who said the mother of all passwords loudly in the public, while
one of his colleagues was talking to him on the phone


		
__________________________________ 
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com