Re: OT: Smartcards and Physical Security
On Fri, 5 Dec 2003 02:45:41 -0800, Tom <firstname.lastname@example.org> said:
> Let me start by saying I basically understand your last point: it's
> not worth it because it won't work.
> On Fri, Dec 05, 2003 at 04:01:42AM -0600, Manoj Srivastava wrote:
>> who follow secire processes. Blowing 40k collectively is unlikely
>> to buy us much security.
> Like I said, it may be that it would be wasted money. But you are
> switcing arguments here. Originally you were bristling at the
> suggestion that you spend your own money. Now you seem to be okay
> with that, but saying it would be wasteful because you basically
> don't trust smartcards.
I am bristling at the idea of users demanding that volunteers
are not doing enough, and need to spend money to provide better
service. I was amused at the idea that you seemed to think that this
was even remotely workable. I was flabbergasted that someone thought
that mere gadetry actually brought security. I was heartened to think
there there are still people on -devel misguided enough to believe
that the Debian project has such a common hive mind that such a
proposal would get past the belly laugh stage.
> I don't trust them either, but they are a layer. Of course, they
> may be an absolutely useless layer, but they may not. I think this
> is your true objection (to smartcards at all) and not to the
> suggestion of having your spend your own money to improve the
> project. And that's an acceptable belief (although it *may* not be
> correct). But if you want to explore other, free ways to improve
> Debian's security process (such as auditing one another's machines
> or some other way I can't think of), that's a good thing. The point
> is: a failure occured. Don't let it happen again.
Drop the imperatives, and we shall get along a lot better.
Better still, roll up your sleeves and make it happen, and
you'll earn my respect, and my support.
>> >> Let me see if I can point out the logical flaws in words with
>> >> few syllables.
>> Take a bath? take a _bath_? What are we, back in grade school now?
> You're not seriously talking about taking pot shots are you? Tit
> for tat. But I withdraw the remark, I was thinking of the
> traditional image of the long-stringy-haired Unix hacker such as
> RMS. I was picturing RMS
> -- I didn't mean anything else. :-)
I was merely dumbfounded at the _quality_ of pot shots you
were taking. I am used to, umm, well, more, uggh. /mature/ pot shots
being taken at people on this list. I have not heard that expression
since the playing fields of my primary school.
People who take cold baths never have rheumatism, but they have cold
Manoj Srivastava <email@example.com> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C