On Thu, 2004-10-14 at 11:43, BjÃrn Persson wrote:
[Sorry for the delay; I work third shift (2200-0600 local time]
> So you'd have some kind of identification on the USB memory, and if the
> passphrase you type matches that identification, you're logged in. And
> you'd use this on all the computers you use?
Well, whatever it is keeping them from doing it now, I suppose. We'd
have to exchange key data in a hash format a'la SSH; I'm sure there's a
way to keep it from being easy to sniff/steal. If not, SSL/SSH/etc
would have been routinely hacked on a widespread basis a long time ago,
no?
> What if you don't fully trust one of these computers? Maybe you're a
> user on a big campus, and you don't know who the administrators are. You
> don't even know how many people have root access. If just one of them
> isn't completely honest, they could install a piece of software that
> copies your ID from the keyfob and sniffs your passphrase as you type
> it. Then they can pose as you everywhere.
Well, I understand the concern; but if anyone can work this out, we
can....we don't have to beg and borrow from people holding patents,
etc. Aye?
--
------------------------------------------------------------------------
Brian FahrlÃnder Christian, Conservative, and Technomad
Evansville, IN http://www.fahrlander.net
ICQ 5119262
AIM: WheelDweller
------------------------------------------------------------------------
Attachment:
signature.asc
Description: This is a digitally signed message part
