[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: log files (was: Re: dbts: Cryptographic Dog Stocks, The Dirigible Biplane, and Sending the Wizards Back to Menlo Park )

At 12:35 PM -0800 10/28/98, Hal Lockhart wrote:
>2) (Future) Allow only strongly authenticated users.  Either a) they are
>legitimate users whose identity is known and will presumably not try to
>hack the system, or b) they are attackers who have done something like
>steal the key of a legitimate user.  In the later case, I admit you might
>want to see what they are typing, but it will not give you any information
>about the underlying problem -- their ability to obtain unauthorized keys.

There is a long history of legitimate users who attempt to exceed their
authorization.  Double agents in the intelligence community and embezzlers
in the commercial world both come to mind.

Bill Frantz       | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506     | thing right, but did know  | 16345 Englewood Ave.
[email protected] | the century would end.     | Los Gatos, CA 95032, USA