Re: NYT Article and Physical Security

• To: smith@sctc.com
• Subject: Re: NYT Article and Physical Security
• From: jbass@dmsd.com (John L. Bass)
• Date: Sat, 21 Oct 95 23:55:58 -0600
• Cc: www-security@ns2.rutgers.edu

 "Safe computing" in today's Internet
     environment is not something that happens automatically when you pull
     the software out of the box.

     This is where it gets back to WWW security. Are we trying to make WWW
     safe for everyone right out of the box?

     Rick.
     smith@sctc.com        secure computing corporation

In all Netscapes marketting hype for both clients and servers that seems to
be the express goal.

As more and more IS depts proxy Netscape thru their firewalls I get even
more concerned that the "the security" of netscape SLL sessions is infact
the perfect cover for a well healed trojan horse. At one of my clients sites
they have a rigrous bastions, but pay little heed to the risks of a trojan
netscape client. At least telnet session can be logged in clear text, IS has
not idea what passes thru the gateway encrypted as an SSL session.

John

• Re: NYT Article and Physical Security
• From: Rick Smith <smith@sctc.com>

• Previous: Re: netscape and /etc/passwd
• Next: Re: NYT Article and Physical Security
• Index(es):
  • Index
  • Thread