|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ABOVE.NET SECURITY TRUTHS?
> Since we are going into a description of cryptography, we might as well > bring up that since the random number generator used to generate the > supposedly random RSA key pair _is_ predictable ... [split] This statement is a litle too broad. I would contest that the design of, say, FreeBSD's /dev/random permits sufficient entropy collection to usefully initialise a strong hashing algorithm with a non-predictable vector. > [split] ... the whole idea of perfect security is improbable at best; > the exercise does make it difficult for people with only a casual > interest in your operations to directly compromise them. This statement hits the mark, but I like to be explicit, to scare security neophytes: if you have ever crossed-over passwords, shared them between two systems, or made any kind of assumption that means the security of one password has depended on the security of another then all such linked accounts passwords are potentially compromised simultaenously. If you're paranoid enough to accept that, then : a) maybe your security could be good enough b) perhaps you should consider using SSH key agents rather than passwords. - joshua
|