Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!yale!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.internals
Subject: Re: Finding Passwords
Message-ID: <22024:Oct606:35:1090@kramden.acf.nyu.edu>
Date: 6 Oct 90 06:35:10 GMT
References: <8685@mirsa.inria.fr> <12438:Oct223:00:3290@kramden.acf.nyu.edu> <652@puck.mrcu>
Organization: IR
Lines: 21

In article <652@puck.mrcu> paj@uk.co.gec-mrc (Paul Johnson) writes:
> If you are worried about physical line security then use encryption.
> There are ways in which your terminal and computer can authenticate
> each other. If you are using a public terminal then you need a smart
> card device to provide keys.

Unnecessary, unnecessary, and unnecessary.

This is the flip side of what I've said before. It's actually rather
easy to *avoid* all Trojan Horses. All you need is some way to make sure
you're talking to the right object---and no intermediate object---on
each communications link.

Say, for example, that a terminal is connected directly to a terminal
concentrator, which has direct connections to ttys of a computer. All
that's necessary is that the concentrator and the computer accept some
key sequence (such as break) to unconditionally mean ``I want to talk to
someone I can trust, so gimme a proper prompt and shove any middlemen
out of the way.'' That's it.

---Dan