Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] 19,000 person company passwords stolen via HTTPS



I?m not going to go back and forth about this all night?  So I?m signing off of this thread after this response else it turns into a classic tl;dr.

> On Oct 6, 2015, at 7:55 PM, Rich Pieri <richard.pieri at gmail.com> wrote:
> 
> On 10/6/2015 7:30 PM, Anthony Gabrielson wrote:
>> No?
> 
> Yes. It's a monolithic data store with every user's identifying credentials in it. It doesn't matter how that data is stored. It doesn't matter what transformations are performed on that data. It's still in one place and the whole thing can be taken in one swoop

PGP is not a monolithic data store although it can interface with one.  DoD encryption boxes are not monolithic. It all depends on the model and how trust is defined and established. 

> 
>> It sounds like you?re asking for: - Secure Comms - Anonymity
> 
> No, not anonymity. If I do business with Amazon for example there is no anonymity or else they couldn't charge my credit card and I wouldn't receive my stuff. What I'm asking for is a mechanism where rather than me authenticating myself with Amazon, it is Amazon's services which authenticate themselves with me.
> 
> No, I don't know how to make it work. I wish I did. I wish someone did.

What are your requirements and why?  



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org