[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Smartcards and Physical Security

On Fri, 5 Dec 2003 02:45:41 -0800, Tom  <tb.31123.nospam@comcast.net> said: 

> Let me start by saying I basically understand your last point: it's
> not worth it because it won't work.

> On Fri, Dec 05, 2003 at 04:01:42AM -0600, Manoj Srivastava wrote:
>> who follow secire processes. Blowing 40k collectively is unlikely
>> to buy us much security.

> Like I said, it may be that it would be wasted money.  But you are
> switcing arguments here.  Originally you were bristling at the
> suggestion that you spend your own money.  Now you seem to be okay
> with that, but saying it would be wasteful because you basically
> don't trust smartcards.

	I am bristling at the idea of users demanding that volunteers
 are not doing enough, and need to spend money to provide better
 service. I was amused at the idea that you seemed to think that this
 was even remotely workable. I was flabbergasted that someone thought
 that mere gadetry actually brought security. I was heartened to think
 there there are still people on -devel misguided enough to believe
 that the Debian project has such a common hive mind that such a
 proposal would get past the belly laugh stage.

> I don't trust them either, but they are a layer.  Of course, they
> may be an absolutely useless layer, but they may not.  I think this
> is your true objection (to smartcards at all) and not to the
> suggestion of having your spend your own money to improve the
> project.  And that's an acceptable belief (although it *may* not be
> correct).  But if you want to explore other, free ways to improve
> Debian's security process (such as auditing one another's machines
> or some other way I can't think of), that's a good thing.  The point
> is: a failure occured.  Don't let it happen again.

	Drop the imperatives, and we shall get along a lot better.
 Better still, roll up your sleeves and make it happen, and
 you'll earn my respect, and my support.

>> >> Let me see if I can point out the logical flaws in words with
>> >> few syllables.
>> Take a bath? take a _bath_? What are we, back in grade school now?

> You're not seriously talking about taking pot shots are you?  Tit
> for tat.  But I withdraw the remark, I was thinking of the
> traditional image of the long-stringy-haired Unix hacker such as
> RMS.  I was picturing RMS
> -- I didn't mean anything else. :-)

	I was merely dumbfounded at the _quality_ of pot shots you
 were taking.  I am used to, umm, well, more, uggh. /mature/ pot shots
 being taken at people on this list. I have not heard that expression
 since the playing fields of my primary school.

People who take cold baths never have rheumatism, but they have cold
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to: