On Mon, 30 Apr 2007, Mike Fitzpatrick wrote:
> Hi Mark,
> I take your point and applaud your thoughtfullness. We too have
> multi-user machines and students, we also have large heavy objects that
> could be carried into offices to smash hard drives into little tiny bits
> to destroy the same data files. I consider the likelihood of data loss
> due to msg hacking or heavy objects to be about the same and have as
> much time to guard against each equally.
> Did I freak everyone out with the message spoofing point or has
> security been a major deal with PLASTIC for a while?
No, it's not been a major deal, and I take your point that security is always a trade-off. In my view the particular level of danger in the situation I was talking about was unacceptable, so I fixed something up to work around it, and made a note that it would be nice if it was built into the protocol so that I didn't have to to the same thing in the future. As far as I know, nobody else has come across a real-world instance where they've had to do the same thing, so, if nobody else thinks it's a worry I'm happy to see it go by the board (we can see how the votes stack up on the wiki page). The main point I'd make is that the changes that would be required to the protocol to implement better security than it now has are not very difficult to specify or implement.
Mark
P.S. We also lock server rooms round here to defend against axe-wielding undergraduates.
-- Mark Taylor Astronomical Programmer Physics, Bristol University, UK m.b.taylor@bris.ac.uk +44-117-928-8776 http://www.star.bris.ac.uk/~mbt/Received on 2007-04-30Z12:17:04