Date: Wed, 21 Jun 2006 10:07:59 +0200 From: Marcin Jessa <lists@yazzy.org> Cc: freebsd-current@freebsd.org Subject: Re: ~/.hosts patch Message-ID: <20060621100759.2371115a@marcin> In-Reply-To: <20060621073123.GA35319@what-creek.com> References: <C41481BC-89F3-457E-9FD0-CB85CE7B93E7@eecs.cwru.edu> <4498D108.90907@rogers.com> <20060621053007.GA3320@odin.ac.hmc.edu> <4498DF20.8020803@rogers.com> <1150870137.78122.14.camel@spirit> <20060621082734.Q24109@beagle.kn.op.dlr.de> <20060621063816.GA32889@what-creek.com> <20060621000250.A6468@xorpc.icir.org> <20060621070739.GB35132@what-creek.com> <20060621002036.A6576@xorpc.icir.org> <20060621073123.GA35319@what-creek.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 21 Jun 2006 07:31:23 +0000 John Birrell <jb@what-creek.com> wrote: > On Wed, Jun 21, 2006 at 12:20:36AM -0700, Luigi Rizzo wrote: > > On Wed, Jun 21, 2006 at 07:07:39AM +0000, John Birrell wrote: > > > The fact that a lot of innocent (naive) people don't use https > > > and certificates?! > > > > and so they would happily click on > > > > <a href="http://www.666.org/gimmeyourmoney">Secure Link to > > Your Bank</a> > > > > so we are not opening much in terms of security holes... > > You are making it worse because you open a new security hole: > > <a href="https://www.paypal.com/">www.paypal.com</a>; > > does not take them to the _REAL_ www.paypal.com. > > This is not an issue about phishing where: > > <a href="http://some.dynamic.ip.addr/">www.paypal.com</a>; > > makes it look like the link takes them to PayPal when it really > doesn't. > > Most banks still don't use certificates even though they use HTTP. > > We need to retain the integrity of a DNS lookup. If there are any work > arounds required for poor DNS lookups, then let an administrator > configure them! Just add a global switch to enable/disable using of the ~/.hosts file to i.e /etc/login.conf. I personally find this feature very handy, especially on a desktop with restricted access to the system. Marcin.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060621100759.2371115a>