[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] RE: Linux (in)security

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] RE: Linux (in)security
From: "I.R. van Dongen" <vdongen@hetisw.nl>
Date: Wed, 22 Oct 2003 19:22:25 +0200

Shawn McMahon wrote:

Schmehl, Paul L wrote:
Now, lest you get your hopes up and think it's possible to change the
world, read this:
http://www.ukauthority.com/articles/story898.asp
Ok, I read that as "we asked them to enter their password, and 15% of them typed something in response". I don't see where it says they verified that this was indeed the person's password.

I'd have typed something in there too; probably "your password".

I don't know a security expert that has only one password.

I'd prob type some jiberish.....or maybe "your password".....

(I don't include windows-wizard-engineers that have only one password because everything is in 1 big AD)

Gr,

Ivo


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] RE: Linux (in)security
  - From: "Schmehl, Paul L" <pauls@utdallas.edu>
- Re: [Full-Disclosure] RE: Linux (in)security
  - From: Shawn McMahon <smcmahon@eiv.com>

Prev by Date: Re: [Full-Disclosure] RE: Linux (in)security
Next by Date: [Full-Disclosure] Need help to find web server attacks signature
Previous by thread: Re: [Full-Disclosure] RE: Linux (in)security
Next by thread: Re: [Full-Disclosure] RE: Linux (in)security
Index(es):
- Date
- Thread