keystroke timing attack
Gert Doering
gert at greenie.muc.de
Sat Nov 10 10:24:33 EST 2001
Hi,
On Fri, Nov 09, 2001 at 12:27:29PM -0800, Florin Andrei wrote:
> Maybe i'm missing something, but isn't enough to not send passwords
> char-by-char over the network, and just wait for Enter and then send the
> whole lot?
How do you know that something the user types is a password (and not
"input to your favourite editor" or such)?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list