Secrecy and user trust

Ed Greshko Ed.Greshko at greshko.com
Mon Sep 8 00:53:43 UTC 2008


Les Mikesell wrote:
> Ed Greshko wrote:
>>
>>> It's not easy to fool everyone.  The question is whether there is a
>>> way to start from scratch so you can't fool anyone.
>>>
>> And, it is even less easy to "fool" the people whose networks have
>> something worth stealing....
>
> And yet it happens regularly.
By a much much more simple approach.
>
>> Why go through the laughingly improbably scenario of attempting to
>> subvert the public/private key infrastructure with the potential need
>> need to simultaneously subvert DNS infrastructure on a single target
>> when there are already other much more simple attack vectors? 
>
> What's the point of having the key at all if you implicitly trust the
> delivery mechanism of the RPM packages?
Good approach, answer a question with another question.


-- 
Within a computer, natural language is unnatural.




More information about the users mailing list