[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: log files (was: Re: dbts: Cryptographic Dog Stocks, The Dirigible Biplane, and Sending the Wizards Back to Menlo Park )
At 12:35 PM -0800 10/28/98, Hal Lockhart wrote:
>2) (Future) Allow only strongly authenticated users. Either a) they are
>legitimate users whose identity is known and will presumably not try to
>hack the system, or b) they are attackers who have done something like
>steal the key of a legitimate user. In the later case, I admit you might
>want to see what they are typing, but it will not give you any information
>about the underlying problem -- their ability to obtain unauthorized keys.
There is a long history of legitimate users who attempt to exceed their
authorization. Double agents in the intelligence community and embezzlers
in the commercial world both come to mind.
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
[email protected] | the century would end. | Los Gatos, CA 95032, USA