[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESPN hacked -- got info? (fwd)




	Strong crypto is useful not in building a web site, but in
providing an infrastructure that resists stupidity better.

	For example, when you telnet or ftp, your password goes in a
sniffable cleartext format.  When you send mail, it traverses the net
in the clear, and is stored in the clear.  If crypto was widely
deployed, the sensitive information people send in the clear would be
protected.

	Locking the barn after the horses are gone is not nearly as
useful as ubiquitous locks.

Adam


Declan McCullagh wrote:
| ---------- Forwarded message ----------
| 
| Declan --
| 
| Do you have any information about the ESPN/SportZone web site store being 
| hacked?  Or a contact?  The pro-crypto folks on the Hill are quite 
| interested to know if 1) this site was using encryption before being hacked 
| and 2) what type of encryption they are using now (one of the press stories 
| noted that crypto was one of the security measures implemented after the 
| hacking).
| 
| I realize this was probably an inside job, but it's good fodder for the 
| Hill.  Any insight you might have -- or other examples -- would be great.
| 
| Thanks in advance.
| 
| 


-- 
He has erected a multitude of new offices, and sent hither swarms of
officers to harrass our people, and eat out their substance.