On Wed, 12 Jan 2000, Gregory J. Feig wrote:
> petri .......yeah....but read Sergei's last-night post about cracking
> and getting a couple thousand creditcard numbers, et al, because
> the server had them stored in the clear.......Roger Turk would echo
> me when I say, "any secure system can be blown by stupidity."
> It sounds like a small replay of "The Cuckoo's Egg"//
I suppose you didn't recieve my reply, when I said I believed in sysadmins
making that something that would never happen? Anyway, if a sysadmin is
clever (which Sergeis weren't, poor CC users), a) you have a hard time
breaking in b) the numbers are stored in an encrypted form b) they are
moved to some non-networked box that is used to store secrets, after some
time.
/petri
