Date: Wed, 11 Feb 2009 13:22:00 +0100 From: Daniel Roethlisberger <daniel@roe.ch> To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no> Cc: Jason Stone <freebsd-security@dfmm.org>, Lyndon Nerenberg <lyndon@orthanc.ca>, freebsd-security@freebsd.org Subject: Re: OPIE considered insecure Message-ID: <20090211122200.GA86644@hobbes.ustdmz.roe.ch> In-Reply-To: <86eiy5nqjz.fsf@ds4.des.no> References: <200902090957.27318.mail@maxlor.com> <20090209170550.GA60223@hobbes.ustdmz.roe.ch> <alpine.BSF.2.00.0902091246280.61088@mm.orthanc.ca> <20090209134738.G15166@treehorn.dfmm.org> <86eiy5nqjz.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Dag-Erling Smørgrav <des@des.no> 2009-02-11: > Jason Stone <freebsd-security@dfmm.org> writes: > > Right, but that's not the problem they're trying to solve. > > They're trying to solve the problem of logging in _from_ an > > untrusted machine, to a trusted machine. > > If the machine you're logging in *from* is untrusted, you're > SOL. Even with OPIE or similar mechanisms, somebody might > piggyback on your SSH connection. The best you can do is boot > from a CD or USB fob you prepared yourself, and even then, > there might be a hardware key logger installed on the computer. Or the BIOS trojaned. Your statement is of course correct, logging in from untrusted machines can never be secure. However, OPIE still raises the bar on the required capabilities for an attack (active, real-time attack versus passive keylogging / data dumping). -- Daniel Roethlisberger http://daniel.roe.ch/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090211122200.GA86644>