On Sun, Jun 26, 2011 at 12:26:40PM -0500, Marsh Ray wrote:
[...]
> Now maybe it's different for ISP core router admins, but the
> existence of this product strongly implies that at least some admins
> are connecting to their router with their web browser over HTTPS and
> typing in the same password that they use via SSH.
[...]
Valid point, but flawed example. Managing these things day in and
day out, I can tell you this is the first thing any experienced
admin disables when initially configuring the device. If your admin
is managing your routers with a Web interface, SSL MitM is the
*least* of your worries, honestly.
--
{ IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829);
WHOIS(STANL3-ARIN); SMTP([email protected]); FINGER([email protected]);
MUD([email protected]:6669); IRC([email protected]#ccl);
ICQ(114362511); YAHOO(crawlingchaoslabs); AIM(dreadazathoth); }
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
