two factor authentication
Chris Rapier
rapier at psc.edu
Wed Jul 26 03:44:55 EST 2006
Alon Bar-Lev wrote:
> Chris Rapier wrote:
>>
>>
>> Alon Bar-Lev wrote:
>>
>>> Smartcard *IS* two factor, this is why they exist. There is no
>>> better security solution than smartcards.
>>
>> Of course, smartcards can be easily defeated by a sufficiently scary
>> person holding a pair of garden shears. ;)
>>
>
> Well... I am not a native English speaker... What does it mean?
>
> Do you actually think there is a better security mechanism than smartcards?

The idea is that almost every security solution can be broken if the
person trying to break it is sufficiently ruthless. Things like
smart-cards, fobs, two factor authentication and so forth are really
only effective at one class of security attacks where the technology is
targeted.

However, the weakest link in any security chain is always the human. If
you *physically* attack the human then it's very easy to gain access to
most any system. The mental image I was trying to convey above is someone who
wants access to your systems and is willing to cut off your toes and
fingers with a pair of garden shears to get in. While some might
consider this to be extreme I'm personally surprised it's not being done
with some frequency.

Now is there a better solution than smartcards? Well, smart cards are a
compromise between security and convenience. They provide reasonably
good security but it's not perfect. In fact, if you think about it ATM
cards are two factor security - very much like smartcards - you need the
card and the pin to access your money. However, a little ingenuity and
you come up with
http://www.snopes.com/crime/warnings/atmcamera.asp
http://www.crimes-of-persuasion.com/Crimes/InPerson/atm_scams.htm
and
http://www.engadget.com/2005/03/29/beware-phony-atm-facades/

Anyway, this doesn't have much to do with OpenSSH. My point was really
just that most any security protocol can be broken by someone who is
determined enough to do it.