Wouter Verhelst wrote:
> relying on other people's security to increase your own isn't pretty
> clever, actually.
Well, it increases your own security to: It makes it harder to use your
machine, were it to be compromised, as an attacker. This increases your
security in two ways:
1. Generally, you log into (and thus have public keys for) boxes you
care about. The worm won't be able to auto-propogate to those machines.
[Remember, there have been root exploits in sshd before. And worms that
2. You won't have to convince law enforcement, your employer, etc. that
no, really, you didn't attack that machine, it was a worm, because the
attack won't happen (at least from your machine).
And, in general, turning this on by default increases the general
security of the Internet. That is a good thing, really. Its unfortunate,
but when you share a network with a billion other people, you have to
rely somewhat on the security of their machines.