[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport of the integer overflow in the brk system call

On Wed, Dec 03, 2003 at 01:06:08PM +0100, Marc Haber wrote:
> On Wed, 3 Dec 2003 22:27:39 +1100, Hamish Moffatt <hamish@debian.org>
> wrote:
> >The RSA SecurID tokens are a bit smarter than that; the output for a
> >given input changes every minute. My employer uses them for remote
> >access to their intranet; you have a fixed pin number which you enter
> >into the card to get this minute's (6 digit) password. No reason why the
> >pin would have to be fixed though.
> >
> >I have no idea what they cost. Also the newest ones are not exactly fit
> >for carrying around in your wallet. They last 3 years on internal
> >batteries.
> I seriously doubt that the server-side software is DFSG-free. The only
> Linux Agent that is available from rsa.com is for RedHat 7.3, and I
> would be astonished if it were available in source code form.

That's true, but there may be similar technology available from other
companies. I have no idea what the server-side part looks like,
having only been an end user of the token solution.

Hamish Moffatt VK3SB <hamish@debian.org> <hamish@cloud.net.au>

Reply to: