[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: To Jonathan [backdoor]
From: |
Anton Tagunov |
Subject: |
Re: To Jonathan [backdoor] |
Date: |
Wed, 10 Jan 2007 02:08:07 +0300 |
User-agent: |
Thunderbird 1.5.0.9 (Windows/20061207) |
Anton> I've got an anti-hijack system in my car.
Anton> there's a 10 minute emergency procedure.
Jonathan> What prevents a hijacker to use that procedure?
A combination of factors:
* he needs to find the hidden button
* to know the exact procedure
* to break the console so that he would be able to touch
ignition wires together the needed number of times
(it's part of the procedure)
* to have 10 minutes of time - after he's already broken the console!
* Also the alarm emits funny sounds as he waits
I think every anti-hijack system manual I've seen mentioned a variation of this.
Anton> P.S. The talk is about *safe defaults* actually.
Pierre> I think the backdoor is an *unsafe* default, actually.
You're quite right.
We should decide what is more dangerous to an average Joe:
data loss/vendor lock-in or data disclosure?
However I ask you to kindly wait for my next mail.
I'll describe my backdoor design in detail.
Then we shall discuss a proposal not an abstraction.
cheers,
Anton