-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Thursday 2007-05-31 at 16:17 -0700, Randall R Schulz wrote:
Mmmm...
It could be used to sniff passwords going in clear on a network,
Well, if people are asking to have their passwords stolen, then they should be accommodated.
Well... there are many common protocols in frequent use that send sensitive info in clear: email is the main one. Most of the pop3 servers I use require password in clear, for instance; then, even if the password is encrypted, the payload is not. The smtp protocol does the same. Then there is http: many pages login do not use https. Some use it, then the webmail behind is in clear. And those are not under our control, we are just users (mostly).
In the U.S., at least in certain contexts, one has to demonstrate an effort to protect some kind of property before one is entitled to the protection of the law when that property is lands in another's hands.
Interesting. I remember being told that stolen cars were not really stolen, because they were properties left unattended on the street, for anyone to take away. They don't get the same protection from the law as a TV inside a house.
or sniffing private data like email being sent/received, and use that info to tailor a social engineering attack.
Yep, wait and see... we can only idle-talk.
The most fun kind of talk, right?
O:-) - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGX+metTMYHG2NR9URAkuAAJ4vOnTjjXw3+iq0Al68VVU3+cPbPQCfVcQ2 CKogctKa0bkxvPIR8z9pZyk= =Qc0C -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org