[130028] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: security questions

daemon@ATHENA.MIT.EDU (John Ioannidis)
Thu Aug 7 09:25:22 2008

Date: Thu, 07 Aug 2008 08:53:58 -0400
From: John Ioannidis <ji@tla.org>
To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <489AA6C4.7040909@secorvo.de>

Does anyone know how this "security questions" disease started, and why 
it is spreading the way it is?  If your company does this, can you find 
the people responsible and ask them what they were thinking?

My theory is that no actual security people have ever been involved, and 
that it's just another one of those stupid design practices that are 
perpetuated because "nobody has ever complained" or "that's what 
everybody is doing".

/ji

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[130028] in cryptography@c2.net mail archive

Re: security questions

daemon@ATHENA.MIT.EDU (John Ioannidis)Thu Aug 7 09:25:22 2008

daemon@ATHENA.MIT.EDU (John Ioannidis)
Thu Aug 7 09:25:22 2008