Re: Fedora home server using core 9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2008-09-03 at 19:57 +0930, Tim wrote:
> On Tue, 2008-09-02 at 10:33 -0430, Patrick O'Callaghan wrote:
> > The irony is that if you read Versign's documentation, they don't
> > actually claim to guarantee this. They just go through some
> > standardized checking process involving external authorities such as
> > notaries or business registries. A sufficiently interested adversary
> > can quite easily register a company and get a certificate.
> 
> LOL...  It does seem to be typical that security is just a veneer.

That's a generalization, but a lot of security is theatre, as Bruce
Schneier often says.

> Some banks are just as bad, if you say that you don't have the
> identification that they're asking for often enough, they give in and
> let you do what you wanted without good verification.  They can also be
> too helpful with people who've forgotten their passwords.

Quoting Bruce again, security decisions are in the end made on economic
grounds. If the banks don't lose much from lax online security, they'll
have lax online security. To the extent that they have to compensate
customers, their security gets better.

poc

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux