Newsgroups: news.sysadmin
Path: utzoo!lsuc!dave
From: dave@lsuc.uucp (David Sherman)
Subject: Re: Security checkup
Date: Mon, 10-Oct-88 07:59:52 EDT
Summary: misplaced concept of security
Message-ID: <1988Oct10.075955.10082@lsuc.uucp>
References: <2316@att.ATT.COM>
Organization: Law Society of Upper Canada, Toronto

In article <2316@att.ATT.COM> jhc@att.ATT.COM (Jonathan Hawbrook-Clark) writes:
>In article <233@ssbn.WLK.COM> bill@ssbn.WLK.COM (Bill Kennedy) writes:
>>Then why does your company have uucp logins without passwords? I agree
>>with Jonathan (SA att-mt) that anyone could masquerade as anyone else,
>>but dammit! Not without a valid password!
>
>The problem of having unique logins/passwords for each site boils
>down to one of key security. The security of having a key which is
>fairly widely known, held in cleartext, and never changed, is
>minimal. So we wouldn't trust it anyway.

As I have indicated in private mail to jhc, following the discussion in
comp.mail.uucp, the above argument is simply wrong. If there are
individual logins and passwords, then the key is NOT "fairly widely
known". It exists in exactly ONE place, namely the L.sys file of the
uucp neighbour. If the neighbour's security is compromised, then the
neighbour has to worry about all kinds of things, of which the
possibility of someone calling att to pick up mail is pretty trivial.

So far the only argument I have heard from AT&T to justify not having
separate logins and passwords is that there would be some
administrative cost to setting this up. Since it could be assisted with
shell scripts, and since "att" is THE gateway into a giant
organization, I do not consider this to be justification for a policy
which deliberately slows down the passage of uucp traffic emanating
from AT&T. (The policy is the policy of not sending mail unless they
call you.)

David Sherman
The Law Society of Upper Canada
--
{ uunet!attcan att pyramid!utai utzoo } !lsuc!dave
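The post argues that per-neighbour uucp logins put each secret in exactly one place (the neighbour's L.sys entry) and that the administrative cost is small enough to script away. The script below is an added example illustrating that claim; it is not code from the post, from AT&T or from any uucp distribution. It assumes a login-name convention of "U" plus the site name truncated to eight characters, a random 16-hex-character password drawn from /dev/urandom, and the classic L.sys line layout (system, time, device, speed, phone, chat script); all three are assumptions to adapt to the local uucp flavour, and the plain login:password record it emits stands in for whatever the local account file actually stores.

```shell
#!/bin/sh
# Added example: provision a distinct uucp login and password per neighbour
# so that compromising one neighbour's L.sys exposes only that one credential.
# ASSUMPTIONS (not from the thread): "U"+site login names limited to 8 chars,
# 16-hex-char passwords from /dev/urandom, classic L.sys field layout.

# Deterministic login name for a neighbour: "U" + site, cut to 8 characters.
site_login() {
    printf 'U%s' "$1" | cut -c1-8
}

# Fresh random password for one neighbour; never reused for another site.
gen_password() {
    dd if=/dev/urandom bs=8 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# The single place the neighbour holds the secret: its own L.sys entry.
# Arguments: our-system-name phone login password
lsys_line() {
    printf '%s Any ACU 1200 %s ogin:--ogin: %s ssword: %s\n' "$1" "$2" "$3" "$4"
}

# Our side of the pairing, as a login:password record (illustrative only;
# a real account file stores a hash, not the cleartext password).
account_record() {
    printf '%s:%s\n' "$1" "$2"
}

# One credential pair per neighbour named on the command line.
provision() {
    for site in "$@"; do
        login=$(site_login "$site")
        pw=$(gen_password)
        echo "# hand to $site for its L.sys:"
        lsys_line ourhost 5551234 "$login" "$pw"
        echo "# keep on our side:"
        account_record "$login" "$pw"
    done
}

# Usage with a constructed neighbour list:
#   provision att uunet pyramid
```

Each run of `provision` yields a different password per site, so revoking or rotating one neighbour's credential touches one L.sys line there and one account record here, which is the whole "administrative cost" the post is weighing.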