1994-04-06 - Re: one small comment about a big problem

Header Data

From: Jeremiah A Blatz <darklord+@CMU.EDU>
To: cypherpunks@toad.com
Message Hash: 4fb232fbdbe2079748479f56e2e1ddae233a976f3f395a1b6299c646f787f507
Message ID: <UhcmBFW00WBMQ_bKJV@andrew.cmu.edu>
Reply To: <9404051908.AA13274@odin.UU.NET>
UTC Datetime: 1994-04-06 21:03:09 UTC
Raw Date: Wed, 6 Apr 94 14:03:09 PDT

Raw message

From: Jeremiah A Blatz <darklord+@CMU.EDU>
Date: Wed, 6 Apr 94 14:03:09 PDT
To: cypherpunks@toad.com
Subject: Re: one small comment about a big problem
In-Reply-To: <9404051908.AA13274@odin.UU.NET>
Message-ID: <UhcmBFW00WBMQ_bKJV@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Excerpts from internet.cypherpunks: 5-Apr-94 one small comment about a
b.. by Bob Stratton@uunet.uu.ne 
> >>>>> "tmp" == tmp  <tmp@netcom.com> writes:
>          ...
>     tmp> unix passwords represent a reasonable amount of
>     tmp> security. they prevent me from hijacking your account. more
>     tmp> sophisticated levels exist.
> I would take issue with this statement on its face. I refer you all to
> the recent House hearings on Internet Security, and the statements
> made by all of the panel members. 

Note, he said *your* account. *My* password is immune to a dictionary
attack, is yours. <Pause while everyone says "yes"> Now, people can
choose their passwords, and you can choose a password that's easier to
remember and harder to crack than a PIN number (or long distance number,
or whatever). These recent hearings will alert (l)users  to choose
something other than "simple" ( <-- Ames ) as a password.

> Reusable passwords are dead. Anyone who insists on using them is part
> of the problem, not part of the solution. If you won't do it for
> yourself, do it for your neighbors who will be attacked from your
> site. 

Ummmm, yeah, or something.
<reaches up, grabs a small piece of paper out of the air, unfolds it and
reads what is written on it, looks up, and says "platypus.">
Doncha love it when someone makes a claim like this, y'know, one that's
so out there, so whacked, and doesn't back it up except with some limp
attempt at coersion? I mean, I usually assume that people who can figure
out how to send e-mail are intelligent enough to realize that people
don't go for this sort of thing. I just don't get it.

Shaking his head disappointedly,

darklord@cmu.edu | "it's not a matter of rights  / it's just a matter of war
finger me for my |  don't have a reason to fight / they never had one before"
   Geek Code and |                                    -Ministry, "Hero"
  PGP public key | http://www.cs.cmu.edu:8001/afs/andrew.cmu.edu/usr25/jbde/