nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

From: Matthew Petach <mpetach () netflight com>
Date: Tue, 26 Feb 2019 12:23:38 -0800
On Tue, Feb 26, 2019 at 9:51 AM <valdis.kletnieks () vt edu> wrote:


On Tue, 26 Feb 2019 08:36:11 -0800, Seth Mattinen said:

On 2/25/19 9:59 PM, Keith Medcalf wrote:

Are you offering an indemnity in case that code is malicious?  What

are the

terms and the amount of the indemnity?



Anyone who is that paranoid should read the RFC and write their own TOTP
client that lets them indemnify themselves from their own code.


I seem to recall that the 1983 Turing Award lecture referenced a 1974 pen
test
of Multics that proved conclusively that level of paranoia isn't
sufficient....




Well, the OP was probably just speaking in shorthand.

What I'm sure they really meant was after developing your own silicon on
your own hardware, and hand assembling your own compiler and linker, and
then writing your own drivers for your hardware and building your own
operating system, you could easily write your own TOTP implementation on
your hardware running on your silicon with your operating system with your
compiler and your linker...and then you could be sure.

Right?

Matt
Previous By Date Next
Previous By Thread Next

Current thread: