[153998] in North American Network Operators' Group
Re: LinkedIn password database compromised
daemon@ATHENA.MIT.EDU (Leo Bicknell)
Wed Jun 20 18:53:02 2012
Date: Wed, 20 Jun 2012 15:52:23 -0700
From: Leo Bicknell <bicknell@ufp.org>
To: valdis.kletnieks@vt.edu
Mail-Followup-To: valdis.kletnieks@vt.edu, "nanog@nanog.org" <nanog@nanog.org>
In-Reply-To: <68207.1340231870@turing-police.cc.vt.edu>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--cNdxnHkX5QqsyA0e
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
In a message written on Wed, Jun 20, 2012 at 06:37:50PM -0400, valdis.kletn=
ieks@vt.edu wrote:
> I have to agree with Leo on this one. Key management *is* hard - especia=
lly
> the part about doing secure key management in a world where Vint Cerf
> says there's 140M pwned boxes. It's all nice and sugary and GUI-fied and
> pretty and Joe Sixpack can do it - till his computer becomes part of the =
140M
> and then he's *really* screwed.
I'm glad you agree with me. :) =20
That's no different than today. Today Joe Sixpack keeps all his
passwords in his browsers cache. When his computer becomes part of the
botnet the bot owner downloads that file, and also starts a keylogger to
get more passwords from him.
In the world I propose when his computer becomes part of the botnet
they will download the private key material, same as before.
My proposal neither helps, nor hurts, the problem of Joe Sixpack's
machine being broken into is orthoganal and not addressed. It needs to
be, but not by what I am proposing.
--=20
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
--cNdxnHkX5QqsyA0e
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iQIVAwUBT+JUJ7N3O8aJIdTMAQJjVg//cIrKampdr43aMVtjePDvy1qaOQs80wnr
ou5mL3GpDLZvtmn+NJMnrTBIsjOUzkpKWvLoeKc6cntTIDMIArLMcxHTbxJ/fLqI
ozG8D2OEAtoqrjkS/V+ncLY5ZaFmyj0nd+ciFbX7NZq5PaY7jPnOtcKt6Y6ae7hc
cIClIbfh6zaWulFZMFbXhMPpYjz3VuzA2c08GuDA1IM8ewFY/Gif3YFhhgzqcncn
Js4/cdH6lG/8NrSBpwyGeonl06PPObOuScDPhPEvH0M3tfGv5VIhPfDDL2PWs8pb
cStPJ05DYkBx89W634K6afY4dYTUYSzyLHF+Hs/ztd1EJraGPecqX2ZXd7jrlxrd
241rOMly7jHR9XqlwpPzsSQxPU5hTy3ld3vw8cDlcONQsly9qZOjO7/0ga1a/cnY
j/2830D8n1sRzGADYztdb5FAqlbg7Om/9zLYBUYCwvhYvLqY6PavmfX0/1qQN6Jo
9h291oDI1hOin9qmBNHduQ5dKKa29DNcOzlS5yCzXH7p13Ae/jYESw8bwuveEgfN
qLTQ8G/YekXjKDHzOVbp+YlLSQ/QvHu+YoQl0AwaVStQ8riBebzr4m6OekwoCRUz
NtsasYOej0A+OXWJL6YLvfyFUg7l3/et1BlM6ImsdI7t+JR2IUOWpfWgSuyBWdHW
xsm0Iq6WK3Y=
=69t+
-----END PGP SIGNATURE-----
--cNdxnHkX5QqsyA0e--
