[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Smartcards and Physical Security

Let me start by saying I basically understand your last point: it's not 
worth it because it won't work.

On Fri, Dec 05, 2003 at 04:01:42AM -0600, Manoj Srivastava wrote:
>  who follow secire processes. Blowing 40k collectively is unlikely to
>  buy us much security.

Like I said, it may be that it would be wasted money.  But you are 
switcing arguments here.  Originally you were bristling at the 
suggestion that you spend your own money.  Now you seem to be okay with 
that, but saying it would be wasteful because you basically don't trust 

I don't trust them either, but they are a layer.  Of course, they may be 
an absolutely useless layer, but they may not.  I think this is your 
true objection (to smartcards at all) and not to the suggestion of 
having your spend your own money to improve the project.  And that's an 
acceptable belief (although it *may* not be correct).  But if you want 
to explore other, free ways to improve Debian's security process (such 
as auditing one another's machines or some other way I can't think of), 
that's a good thing.  The point is: a failure occured.  Don't let it 
happen again.

> >> Let me see if I can point out the logical flaws in words with few
> >> syllables.
> 	Take a bath? take a _bath_? What are we, back in grade school now?

You're not seriously talking about taking pot shots are you?  Tit for 
tat.  But I withdraw the remark, I was thinking of the traditional image 
of the long-stringy-haired Unix hacker such as RMS.  I was picturing RMS 
-- I didn't mean anything else. :-)

Reply to: