While on the topic of password-sniffing anecdotes from conferences -- At the 2600-coordinated Beyond HOPE conference (NYC, 1997), it was made very clear to users that passwords transmitted in-the-clear would be sniffed. To hammer home the point, one participant in the Tiger Teaming panel singled-out an unlucky telnet user, announcing a domain name and hinting at the password over the loudspeaker system. It got a pretty good laugh from the audience. Perhaps that the kind of shock factor that's necessary to get people (certain people, anyhow) thinking realistically about security. We even considered sniffing passwords and hooking up a line printer in a central location..... nah! :) ||| Dominick
- Re: references to password sniffer incident Phil Karn
- Re: references to password sniffer incident Tom Perrine
- Re: references to password sniffer incident Richard Guy Briggs
- Re: references to password sniffer incident Derek Atkins
- Re: references to password sniffer incident Phil Karn
- Re: references to password sniffer incident Jurgen Botz
- Re: references to password sniffer incide... Steve Schear
- RE: references to password sniffer incident Brown, R Ken
- Re: references to password sniffer incident Dominick LaTrappe
- Re: references to password sniffer incident Daniel J. Frasnelli
- Re: references to password sniffer incident Bill Frantz
- What's it worth? (Re: references to passw... Daniel J. Frasnelli
- Re: references to password sniffer incide... Dan Geer
- Re: references to password sniffer incident Peter Gutmann