
Re: Backport of the integer overflow in the brk system call



On Wed, 3 Dec 2003 12:19, Tom <tb.31123.nospam@comcast.net> wrote:
> Smartcards would have avoided the Debian compromise: merely having a
> compromised DD box would have prevented the bad guy from getting on the box.
>
> It's all about layers of defense.
>
> I think the DD's should seriously think about requiring smartcards.  It
> would have prevented the proximate cause of our recent troubles.

I agree that smartcards would help a lot.  However, as has been previously
suggested, the cost of 1200+ smart-card readers is probably prohibitive.

I have sent a message to Werner asking if the GPG smart-card device could be 
re-implemented with a USB interface.  I think that a USB dongle with GPG 
technology would be a good option as most developers' machines already have
USB support.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


