 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Wed, Aug 04, 2010 at 09:51:44PM -0500, Derek Martin wrote: > On Wed, Aug 04, 2010 at 06:26:40PM -0400, Dan Ritter wrote: > > To my personal knowledge, a MITM attack has happened at a major > > Boston-area company within the last twenty years. It is > > unreasonable to think that this was the sole incident. > > But, to your knowledge, one case occured. In twenty years. I'd say > that qualifies as "extremely unlikely" -- wouldn't you? No, I'd say that's a single data point indicating that it does in fact occur. Trying to extrapolate any frequency from that other than "unlikely to be unique" is silly. > > It's not common, but it can happen. > > Based on the frequency with which it occurs (pretty rare), do you > think it's worth Jarod's time to jump through hoops to guard against > one? Possibly. > To guard his MythTV box? I don't think he values it that highly, so no. Security has costs. It may be the case that protecting against MITM attacks will also protect against enough other non-DOS attacks, and cost little enough in relation to the overall benefits, that Jarod should invest in it. Saying so without a threat model, asset value estimate and cost estimate is, again, silly. -dsr- -- http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference. You can't defend freedom by getting rid of it.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
