Re: An attack on paypal

2003-06-10 Thread Bill Frantz
At 5:12 PM -0700 6/8/03, Anne Lynn Wheeler wrote: somebody (else) commented (in the thread) that anybody that currently (still) writes code resulting in buffer overflow exploit maybe should be thrown in jail. A nice essay, partially on the need to include technological protections against human

RE: Keyservers and Spam

2003-06-10 Thread David Honig
At 12:43 PM 6/10/03 -0400, Jeffrey Kay wrote: number (which I now use Call Intercept to avoid telephone solicitors). But for privacy reasons, some folks will not automatically forward their phone number. You either deny them access or require them to jump through extra hoops (redial w/ special

[ISN] Cryptography at the core of sound IT security

2003-06-10 Thread R. A. Hettinga
--- begin forwarded text Status: U Date: Tue, 10 Jun 2003 00:22:02 -0500 (CDT) From: InfoSec News [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [ISN] Cryptography at the core of sound IT security Sender: [EMAIL PROTECTED] Reply-To: InfoSec News [EMAIL PROTECTED]

Re: An attack on paypal -- secure UI for browsers

2003-06-10 Thread Sunder
Yes, NOW if you can load yourself into kernel space, you can do anything and everything - Thou Art God to quote Heinlein. This is true of every OS. Except if you add that nice little TCPA bugger which can verify the kernel image you're running is the right and approved one. Q.E.D. Look at the