On Fri 23 Apr, 1999, Colin Johnston colinj@uk.psi.com wrote:
I understand the need to distribute pdf docs as there are useful for administration but password info in clear text could be overcome by encrypting the pdf's stored online(and in the binary distrib) and doing decryption of pdf info if required.
Much better to be so open about default passwords that no one mistakenly believes it could be kept secret, then people *will* change the default passwords. I almost feel compelled to go and compile a list of all default passwords for all software and hardware known to mankind (but someone has probably already beaten me to it.)
James.
In message 19990423174847.18242.qmail@ns.gbnet.net, James R Grinter writes :
On Fri 23 Apr, 1999, Colin Johnston colinj@uk.psi.com wrote:
I understand the need to distribute pdf docs as there are useful for administration but password info in clear text could be overcome by encrypting the pdf's stored online(and in the binary distrib) and doing decryption of pdf info if required.
Much better to be so open about default passwords that no one mistakenly believes it could be kept secret, then people *will* change the default passwords. I almost feel compelled to go and compile a list of all default passwords for all software and hardware known to mankind (but someone has probably already beaten me to it.)
I'd bet money on it.
Security through obscurity is weak at best. (Not sure whose quote I'm butchering.)
jason
[...] I almost feel compelled to go and compile a list of all default passwords for all software and hardware known to mankind (but someone has probably already beaten me to it.)
The Bugtraq archives are quite useful for this. Not to mention many, many other things.
-j
James.
On Fri, 23 Apr 1999, Jamie A. Lawrence wrote:
I might be wrong, but it belongs to one of the people from Enteract (A Chicago based ISP).
Tom
I might be wrong, but it belongs to one of the people from Enteract (A Chicago based ISP).
http://www.geek-girl.com/about/work.html
says:
I'm a software developer at Secure Networks, Inc. a security research firm which produces Ballista, the best network security audit package out there.
Prior to this, I was Chief Technology Officer at EnterAct, LLC, a medium-sized Internet Service Provider based in Chicago, IL.
Before that, I was a postdoctoral fellow in the Neural Information Processing Laboratory at Northwestern University, the same lab in which I earned my Ph.D.
so it belongs to somebody who *used* to be one of the people from Enteract.
(Then again, the page also says
Last updated: Saturday, 14-Mar-98 01:35:02 CST
....)
-
guy@netapp.com -
Jamie A. Lawrence -
Jason D. Kelleher -
jrg@acm.org -
tkaczma@gryf.net