Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!elroy.jpl.nasa.gov!swrinde!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!unixhub!stanford.edu!paulf@shasta.Stanford.EDU
From: paulf@shasta.Stanford.EDU (paulf)
Newsgroups: comp.dcom.modems
Subject: Re: Modem backdoor passwords (was re: security functions)
Message-ID: <162@shasta.Stanford.EDU>
Date: 19 Apr 91 17:51:07 GMT
References: <PTTe13w164w@dogface> <1991Apr15.155157.19473@cimage.com> <21400047@bfmny0.BFM.COM>
Organization: The Three Packeteers
Lines: 19

In article <21400047@bfmny0.BFM.COM> tneff@bfmny0.BFM.COM (Tom Neff) writes:
>If and when Caller*ID becomes universally available, it might be
>superior to callback for modem security.  If the caller's number isn't
>on your approved list, don't accept the login.  (Further, only accept
>certain classes of login based on the caller number's security
>classification, etc.)

Great.  So when you get access to some site that uses caller*id to do
authentication, I'll hunt down your house sometime, and make a midnight
visit to your demarc with my laptop....;-)

Authentication is just another reason why public cryptography is absolutely
essential to ensuring privacy in the days to come.  And yet another reason
to haggle against the proposed cryptography trapdoors; do you want your
congresscritters to be able to sign *for* you?


-=Paul Flaherty, N9FZX      | "Think of it as evolution in action."
->paulf@shasta.Stanford.EDU |       -- Larry Niven and Jerry Pournelle