2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

valdis.kletnieks at vt.edu valdis.kletnieks at vt.edu
Tue Feb 26 17:49:30 UTC 2019

On Tue, 26 Feb 2019 08:36:11 -0800, Seth Mattinen said:
> On 2/25/19 9:59 PM, Keith Medcalf wrote:
> > Are you offering an indemnity in case that code is malicious?  What are the
> > terms and the amount of the indemnity?

> Anyone who is that paranoid should read the RFC and write their own TOTP 
> client that lets them indemnify themselves from their own code.

I seem to recall that the 1983 Turing Award lecture referenced a 1974 pen test
of Multics that proved conclusively that level of paranoia isn't sufficient....

More information about the NANOG mailing list