[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Investigation Report after Server Compromises

On Monday 08 December 2003 18:20, Colin Watson wrote:
> You can go further by requiring physical presentation
> of smartcards or similar in order to use the key, which is less
> convenient but makes a passphrase more or less useless on its own.

Aren't smartcards similar to dongles in some respects?  They both have a 
guard point in the software that identifies good guys and bad guys.  If so, 
then given that dongles are reverser bait, won't smartcards meet the same 
fate as dongles?  They'll become a wall trophy over the mantle of a reverser. 
It seems that anyone capable of a stack overflow exploit is also capable of 
reversing out a smartcard checkpoint.  Please tell me I'm being too negative.

Mike Mueller
324881 (08/20/2003)
Make clockwise circles with your right foot. 
Now use your right hand to draw the number "6" in the air.

Reply to: