lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200405121638.i4CGcLe3028295@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Calcuating Loss 

On Wed, 12 May 2004 08:56:25 PDT, "Schmidt, Michael R." said:

> What we need is something that you have to log into (securely) or your DHCP is
> revoked immediately.  And of course static IPs are well, static and since they
> are routed, routes can be logged and therefore trackable.

All fine and good.. However... there's this whole "enforcement" thing.  For
starters, the net is multinational - how do you *force* some user in Zimbabwe
to use your scheme?

I'll leave all the privacy issues to others - there's plenty of problems *there*
as well.

> If you replace a part on some new cars with a non-manufacturers part, you
> void the warranty.  But when you run unsigned downloaded for free or sent
> through email code on your dell, who do you call and expect to fix it when it
> stops working?  The end user is the moron, we require no test to get on the
> internet and yet we let more people anonymously sign on the net everyday.

You have to make a decision here - I may be willing to use an aftermarket part
and void my warranty, having made a decision that doing so was a good idea -
the aftermarket part may be vastly less expensive (I've replaced several pieces
of my car with junkyard salvage for $20 when the 3rd party part was $100 and
the original company's part was $160), or higher performance, and you decide
that it's worth voiding the warranty.

It's a totally different thing to legislate that replacing a part with a
non-vendor part is illegal - and that's what you'd have to do to make this
scheme fly.

When source code is outlawed, only outlaws will have source.... :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040512/bdb808a7/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ