lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun Jun 4 21:03:15 2006 From: n3td3v at gmail.com (n3td3v) Subject: breaking news tools, for an ever changing community On 6/4/06, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu> wrote: > > On Sun, 04 Jun 2006 20:07:13 BST, n3td3v said: > > > by the actual account owner tries to login. think of it as a user > friendly > > account firewall, easily setup by kids and the elderly, because yahoo > would > > detect the isp trends of the actual account user, and all the user needs > to > > do is select yes or no to setup rules based on isp information yahoo > > displays to them via a web interface. its as simple as 'yahoo detects > you're > > using aol, set your account to accept aol only access to this account?', > > 'add a new isp?', 'delete this isp?', 'make aol your default isp for > this > > account?' or if the user is too confused, yahoo can have a 'turn off isp > > recognition for this account?' > > Two words: Open Proxies. You configure "AOL Protection" because you're > on > AOL and I'm on BT, and the first open proxy I can find in AOL space will > busticate the scheme quite well and proper. > > 35 million AOL users. I'm sure there's still WinGate's out there. :) Why did you delete out my whole corporate user part of my e-mail? it was the main emphasis of the e-mail. I personally don't focus consumer security, its so boring. I'm interested in the security of employees, data and corporate applications. The only time consumer security comes into my focus is when employees are using 'consumer accounts' as a means to communicate with co-workers during vacation periods on e-mail, and even in work time, corporate users on yahoo are actively using their 'consumer accounts' to instant message each other. While the production infrastructure of the main body of consumers may now be 'workable' with your example, its entirely possible to have IPAR http://skyways.lib.ks.us/KSL/libtech/accessks/ipar.html for consumer amd corporate accounts linked to yahoo employees who are accessing the 'backyard' network from the corporate workstation and that of the corporate user from a home workstation, to login to corporate infrastructure interfaces. I guess you 'cut' paranpraghs if you agree with them on my e-mails and 'keep' paragraphs which are weake. I infact looked at the paragraph you highlighted for some 30 minutes inbetween multitasking to decide weather it was worth mentioning a possible web interactive interface for the comsumer community of the yahoo network, when my real focus was on the 'backyard - corporate side' of security -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060604/1fe69b05/attachment.html
Powered by blists - more mailing lists