2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

• Previous message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Okay that was *clearly* a troll.

On Tue, Feb 26, 2019 at 10:58 PM Keith Medcalf <kmedcalf at dessus.com> wrote:

>
> I did write my own TOTP client.  However, why do you assume that I am
> talking about a TOTP client and not the referred webpage which requires the
> unfettered execution of third-party (likely malicious) javascript in order
> to view?  Not to mention requiring the use of (also quite possibly
> malicious) downloaded fonts?
>
> ---
> The fact that there's a Highway to Hell but only a Stairway to Heaven says
> a lot about anticipated traffic volume.
>
>
> >-----Original Message-----
> >From: NANOG [mailto:nanog-bounces+kmedcalf=dessus.com at nanog.org] On
> >Behalf Of Seth Mattinen
> >Sent: Tuesday, 26 February, 2019 09:36
> >To: nanog at nanog.org
> >Subject: Re: 2FA, was A Deep Dive on the Recent Widespread DNS
> >Hijacking
> >
> >On 2/25/19 9:59 PM, Keith Medcalf wrote:
> >> Are you offering an indemnity in case that code is malicious?  What
> >are the terms and the amount of the indemnity?
> >
> >
> >Anyone who is that paranoid should read the RFC and write their own
> >TOTP
> >client that lets them indemnify themselves from their own code.
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190226/91f1991b/attachment.html>

• Previous message (by thread): 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]