Educause Security Discussion mailing list archives
Re: iPad and access to university ERP
From: "SCHALIP, MICHAEL" <mschalip () CNM EDU>
Date: Thu, 22 Jul 2010 08:08:31 -0600
My point is that this kind of connection isn't persistent. Realistically - someone would have to be sniffing the traffic - discover the session - attempt to "brute force" it - and hope to get something meaningful from the session. Yeah - sometimes "good enough" is just that.....(just my take....) -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks Sent: Wednesday, July 21, 2010 9:46 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] iPad and access to university ERP On Wed, 21 Jul 2010 16:45:27 MDT, "SCHALIP, MICHAEL" said:
But.....given that the session *is* encrypted - and not persistent- wouldn't *any* kind of encryption be serviceable for something like this?
*any* kind? Given today's CPU speeds, 40 bit encryption is essentially rot-13. Brute-force test all 1,099,511,627,776 keys in a few minutes. If you have a botnet of more than a few hundred machines, it will take more compute power to distribute the job than it will to break the keys. Still think "*any*" is good enough? :) -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Current thread:
- Re: iPad and access to university ERP, (continued)
- Re: iPad and access to university ERP Russell Fulton (Jul 23)
- Re: iPad and access to university ERP James Peluso (Jul 24)
- Re: iPad and access to university ERP Brad Judy (Jul 22)
- Re: iPad and access to university ERP Brad Judy (Jul 22)
- Re: iPad and access to university ERP John Hoffoss (Jul 22)
- Re: iPad and access to university ERP Bret Ingerman (Jul 23)
- Re: iPad and access to university ERP Richard Hopkins (Jul 22)
- Re: iPad and access to university ERP Roger Safian (Jul 22)
- Re: iPad and access to university ERP Richard Hopkins (Jul 22)
- Re: iPad and access to university ERP Valdis Kletnieks (Jul 21)
- Re: iPad and access to university ERP SCHALIP, MICHAEL (Jul 22)
- Re: iPad and access to university ERP Joel Rosenblatt (Jul 22)
- Re: iPad and access to university ERP Valdis Kletnieks (Jul 24)