nanog mailing list archives
Re: gmail security is a joke
From: Owen DeLong <owen () delong com>
Date: Wed, 27 May 2015 14:19:13 +0200
On May 26, 2015, at 6:11 PM, Saku Ytti <saku () ytti fi> wrote: On (2015-05-26 17:44 +0200), Owen DeLong wrote: Hey,I think opt-out of password recovery choices on a line-item basis is not a bad concept.This sounds reasonable. At least then you could decide which balance of risk/convenience fits their use-case for given service.OTOH, recovery by receiving a token at a previously registered alternate email address seems relatively secure to me and I wouldn???t want to opt out of that.It's probably machine sent in seconds or minute after request, so doing short-lived BGP hijack of MX might be reasonably easy way to get the email.
If someone has the ability to hijack your BGP, then you’ve got bigger problems than having them take over your Gmail account.
Recovery by SMS to a previously registered phone likewise seems reasonably secure and I wouldn???t want to opt out of that, either.I have tens of coworkers who could read my SMS.
That’s interesting… Why do you choose to give access to your personal SMS messages to so many of your coworkers?
Really, you don???t need to strongly authenticate a particular person for these accounts. You need, instead, to authenticate that the person attempting recovery is reasonably likely to be the person who set up the account originally, whether or not they are who they claimed to be at that time.As long as user has the power to choose which risks are worth carrying, I think it's fine. For my examples, I wouldn't care about email/SMS risk if it's linkedin/twitter/facebook account. But if it's my domain hoster, I probably wouldn't want to carry either risk, as the whole deck of cards collapses if you control my domains (all email recoveries compromised)
We agree that different risks are appropriate for different levels of sensitivity. Owen
Current thread:
- RE: gmail security is a joke, (continued)
- RE: gmail security is a joke John Souvestre (May 27)
- Re: gmail security is a joke Jimmy Hess (May 27)
- Password storage (was Re: gmail security is a joke) Robert Kisteleki (May 28)
- Re: Password storage (was Re: gmail security is a joke) Christopher Morrow (May 28)
- Re: Password storage (was Re: gmail security is a joke) shawn wilson (May 28)
- Re: Password storage (was Re: gmail security is a joke) Michael Thomas (May 28)
- Re: gmail security is a joke Saku Ytti (May 26)
- Re: gmail security is a joke Valdis . Kletnieks (May 26)
- Re: gmail security is a joke Christopher Morrow (May 26)
- Re: gmail security is a joke Mark Andrews (May 26)
- Re: gmail security is a joke Owen DeLong (May 27)
- Re: gmail security is a joke Joe Abley (May 27)
- Re: gmail security is a joke Saku Ytti (May 27)
- Re: gmail security is a joke Joel Maslak (May 27)
- Re: gmail security is a joke Rafael Possamai (May 27)
- Re: gmail security is a joke Jimmy Hess (May 29)
- Re: gmail security is a joke Valdis . Kletnieks (May 27)
- Re: gmail security is a joke Octavio Alvarez (May 28)
- Re: gmail security is a joke Blair Trosper (May 28)
- Re: gmail security is a joke William Herrin (May 28)
- Re: gmail security is a joke Rich Kulawiec (May 28)