nanog mailing list archives

Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

From: valdis.kletnieks () vt edu
Date: Tue, 26 Feb 2019 12:49:30 -0500

On Tue, 26 Feb 2019 08:36:11 -0800, Seth Mattinen said:

On 2/25/19 9:59 PM, Keith Medcalf wrote:

Are you offering an indemnity in case that code is malicious?  What are the
terms and the amount of the indemnity?

Anyone who is that paranoid should read the RFC and write their own TOTP 
client that lets them indemnify themselves from their own code.


I seem to recall that the 1983 Turing Award lecture referenced a 1974 pen test
of Multics that proved conclusively that level of paranoia isn't sufficient....

Current thread:

Re: A Deep Dive on the Recent Widespread DNS Hijacking, (continued)
- - - Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Rubens Kuhl (Feb 25)
    - RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Job Snijders (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Seth Mattinen (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Matthew Petach (Feb 26)
    - RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Ross Tajvar (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Saku Ytti (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Tony Finch (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Ross Tajvar (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock (Feb 24)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Hank Nussbacher (Feb 24)

(Thread continues...)