Xref: utzoo comp.dcom.modems:9291 sci.crypt:4518 alt.security:2227
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!cs.utexas.edu!uunet!bfmny0!tneff
From: tneff@bfmny0.BFM.COM (Tom Neff)
Newsgroups: comp.dcom.modems,sci.crypt,alt.security
Subject: Re: Modem backdoor passwords (was re: security functions)
Message-ID: <21400047@bfmny0.BFM.COM>
Date: 18 Apr 91 05:34:47 GMT
References: <1991Apr10.150745.4628@sctc.com> <PTTe13w164w@dogface> <1991Apr15.155157.19473@cimage.com>
Reply-To: tneff@bfmny0.BFM.COM (Tom Neff)
Followup-To: comp.dcom.modems
Lines: 15

If and when Caller*ID becomes universally available, it might be
superior to callback for modem security.  If the caller's number isn't
on your approved list, don't accept the login.  (Further, only accept
certain classes of login based on the caller number's security
classification, etc.)

Issues of ID masking and so forth would be moot.  Personal voice callers
may (and, I personally think, should) have the right to some anonymity
for the sake of a free society.  But secure corporate telecommunications
is a different matter -- if you want access to a secure system, the
telco line you use to do it ought to be traceable.
-- 
    For the curious:            +---+     Tom Neff
Here's what RS-232 pins do!   ==|:::|==   tneff@bfmny0.BFM.COM
       -- Inmac                 +---+     uunet!bfmny0!tneff