Re: OT: Smartcards and Physical Security
Let me start by saying I basically understand your last point: it's not
worth it because it won't work.
On Fri, Dec 05, 2003 at 04:01:42AM -0600, Manoj Srivastava wrote:
> who follow secire processes. Blowing 40k collectively is unlikely to
> buy us much security.
Like I said, it may be that it would be wasted money. But you are
switcing arguments here. Originally you were bristling at the
suggestion that you spend your own money. Now you seem to be okay with
that, but saying it would be wasteful because you basically don't trust
smartcards.
I don't trust them either, but they are a layer. Of course, they may be
an absolutely useless layer, but they may not. I think this is your
true objection (to smartcards at all) and not to the suggestion of
having your spend your own money to improve the project. And that's an
acceptable belief (although it *may* not be correct). But if you want
to explore other, free ways to improve Debian's security process (such
as auditing one another's machines or some other way I can't think of),
that's a good thing. The point is: a failure occured. Don't let it
happen again.
>
> >> Let me see if I can point out the logical flaws in words with few
> >> syllables.
>
> Take a bath? take a _bath_? What are we, back in grade school now?
You're not seriously talking about taking pot shots are you? Tit for
tat. But I withdraw the remark, I was thinking of the traditional image
of the long-stringy-haired Unix hacker such as RMS. I was picturing RMS
-- I didn't mean anything else. :-)
Reply to: