'we should all be uncomfortable with the extent to which luck ..'

• Previous message (by thread): 'we should all be uncomfortable with the extent to which luck ..'
• Next message (by thread): 'we should all be uncomfortable with the extent to which luck ..'
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 24, 2001 at 11:42:21PM -0700, Roeland Meyer wrote:

> > Systems Affected
> > 
> >    Systems running versions of telnetd derived from BSD source.
> 
> How many of us here run anything less than SSH and even allow telnetd to
> live on any of our hosts?

telnetd is not inherently bad.  It is a tool that is lacking the
session encryption and strong authentication features of SSH, but is
still useful in some cases.  Like any tool it can be used poorly, but
that is not the fault of the tool.

For example, when traveling, I can log in securely from any random
Internet cafe using OPIE or S/Key one-time passwords via telnet.  SSH
requires that you trust your local machine, and OPIE assumes that you
don't.

David

-- 
   David Shaw  |  dshaw at jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

• Previous message (by thread): 'we should all be uncomfortable with the extent to which luck ..'
• Next message (by thread): 'we should all be uncomfortable with the extent to which luck ..'
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]