|
|
On 2008-07-26, Nix <nix-razor-pit@xxxxxxxxxxxxx> wrote:
> On 25 Jul 2008, Ian Rawlings stated:
>> More to the point, passwords are only more convenient if you are
>> logging in from locations on which you don't have the key,
>> i.e. machines that aren't under your control, and that's hardly a good
>> idea, no amount of random password gibberish will help there. Logging
>
> Yeah, but then you're dead. The machine can copy your private key just
> as easily as it can keylog you...
Tsk, did you not read as far as the bit where I said logging in from
your *own* machines? No method of logging in from a machine you don't
control can really be regarded as secure, although this whole security
thing is generally an exercise in line-drawing. You can just as
easily draw the line at a point that even your own machines are
regarded as infested with thieving scum, but I'd have thought that for
most people running a business, opening up your network to a strange
machine via a persistent password would always be on the wrong side of
the line.
--
Blast off and strike the evil Bydo empire!
http://youtube.com/user/tarcus69
http://www.flickr.com/photos/tarcus/sets/
|
|