> If I understand this correctly, the idea here is to think of a
> solution like Java, which is downloaded from a remote server
> every time, and which handles security for the user.
Uh.. no. I've never found those systems to be terribly secure.
> My reasoning is that since the machine could have a
> background process (such as one of several popular
> password capturing programs) which reads all input before
> passing it on to the program in use (e.g. trusted email
Exactly. Things like passwords to your RSA key are vulnerable to this. Grab
a copy of the secret key and use a snooping TTY .. poof, I am you. Today,
tomorrow, and on until you get a new secret key.

A hardware-based device which generates the right answer based upon a
challenge, a secret key, and some algorithm is NOT vulnerable to this. The
answer never remains the same, and the key is never stored on the client
machine in any fashion.
> program), entering data to the machine would be like sending
> email to the owner of the machine. If the machine's
> owner is a bad guy, you are in effect allowing
> the bad guy to see what you are writing.
Right. Which makes remote access from untrusted machines functional and
acceptable for reading e-mail, updating logs of work done for the client, or
perhaps transferring files back to our site for analysis, but useless for
any situation where you need to be typing passwords and such. This is both
known and documented for all users in our environment.

I spent many hours trying to explain this concept to Greg, and he
never got it. You've managed to do so in 2 messages - congrats :-)
--
Joe Rhett Systems Engineer
[EMAIL PROTECTED] ISite Services
PGP keys and contact information: http://www.noc.isite.net/Staff/
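
The challenge-response property described in the message above, as an added example that is not part of the original e-mail: a keystroke logger on the untrusted client can replay a captured static password, but a captured token response fails against the next challenge. HMAC-SHA256 stands in for the unspecified "some algorithm", and the names `Server`, `token_response` and `demo` are hypothetical.

```python
import hashlib
import hmac
import secrets


def token_response(key: bytes, challenge: str) -> str:
    # Runs inside the hardware token; the key never reaches the client machine.
    # (Assumption: HMAC-SHA256. A real token would display a shorter code.)
    return hmac.new(key, challenge.encode(), hashlib.sha256).hexdigest()


class Server:
    def __init__(self, token_key: bytes, password: str):
        self._key = token_key
        self._password = password
        self._pending = None  # challenge awaiting an answer, if any

    def check_password(self, typed: str) -> bool:
        return hmac.compare_digest(typed, self._password)

    def new_challenge(self) -> str:
        self._pending = secrets.token_hex(8)  # fresh and unpredictable each login
        return self._pending

    def check_response(self, response: str) -> bool:
        challenge, self._pending = self._pending, None  # each challenge is single use
        if challenge is None:
            return False
        return hmac.compare_digest(response, token_response(self._key, challenge))


def demo():
    key = secrets.token_bytes(20)      # shared by token and server only
    password = "constructed-passphrase"  # constructed sample value
    server = Server(key, password)
    captured = []                      # everything typed on the untrusted client

    # Legitimate session: the user types a password, then the token's answer.
    captured.append(password)
    answer = token_response(key, server.new_challenge())
    captured.append(answer)
    legit = server.check_response(answer)

    # Later, the logger's owner replays what was captured.
    password_replay = server.check_password(captured[0])
    server.new_challenge()
    response_replay = server.check_response(captured[1])
    return legit, password_replay, response_replay


if __name__ == "__main__":
    print(demo())
```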