[4515] in cryptography@c2.net mail archive
Re: references to password sniffer incident
daemon@ATHENA.MIT.EDU (Dan Geer)
Tue Apr 13 17:54:03 1999
To: Bill Frantz <frantz@netcom.com>
Cc: cryptography@c2.net
In-Reply-To: Your message of "Fri, 09 Apr 1999 09:42:23 EDT."
<v0311071bb333dd7457a8@[209.109.234.33]>
Date: Tue, 13 Apr 1999 16:36:19 -0400
From: Dan Geer <geer@world.std.com>
With this being the state of the art in protection, why bother with
intercepts, cryptoanalysis etc?
Having just returned from the USENIX Workshop on
Intrusion Detection, I'd say that all juicy targets
are or will soon be thinking something like "better
living through surveillance." It is clear that the
only effective means now understood compare today's
surveillance with some floating average of yesterday's,
plus the steady accumulation of specific screens for
yesterday's novel and not-so-novel attacks. I mean,
wow, what they can do at Oak Ridge, Livermore, AT&T,
etc., etc., is really pretty astonishing but relies
on, say, keystroke monitoring campus wide or similar
sorts of baseline audit generation. Or, putting it
differently, I can't take care of you unless I shadow
you...
--dan
