Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!news.uu.net!visix!news From: amanda@visix.com (Amanda Walker) Newsgroups: comp.protocols.appletalk Subject: Re: Watch, peeking, and security threats Message-ID: <1991May22.013452.18394@visix.com> Date: 22 May 91 01:34:52 GMT References: <9105160430.AA04272@eclectic.com> <1991May16.142436.15468@news.larc.nasa.gov> <1991May20.173119.4279@visix.com> Sender: news@visix.com Organization: Visix Software Inc., Reston, VA Lines: 37 In article kenw@skyler.arc.ab.ca (Ken Wallewein) writes: There a big difference between professional spooks and idle curiosity. Yes and no. At a university, "idle curiousity" can be pretty persistent. I've seen students wander around the Internet and routinely bypass normal security precautions "out of idle curiousity." As long as messages cross a network in cleartext, and that network is accessible by computers which do not support security in hardware and software, it's going to be pretty hard to prevent snooping. Exactly. Now, a constructive idea: how about network interface hardware manufacturers designing the circuit boards so that promiscuous mode is not implemented on some boards, or could require hardware changes to activate, or a password, or something like that? This is more or less the current case for Macintosh Ethernet boards, since anything that uses promiscuous mode has to talk directly to the hardware, a task about as complex as writing a .ENET driver for the board. On the other hand, LocalTalk hardware is the same on every Mac, and there are programs (and source code) wandering around to do snooping. The only effective response is to either change the software, or offer a big disincentive for the activity. At a university, the phrase "academic misconduct" comes to mind--the same kind of penalty you'd use for someone peeking at exams or someone else's files on a UNIX machine. -- Amanda Walker amanda@visix.com Visix Software Inc. ...!uunet!visix!amanda -- "The beauty of the truth is that it need not be proclaimed or believed. It skips from soul to soul, changing form each time it touches, but it is what it is...." --Mark Helprin, Winter's Tale