Bah. Risk is the issue.

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #185,597

by FuManChu

11/30/04 4:22:03 PM

Bah. Risk is the issue.

...and there are more risks than simply "proceeding as normal". One is that they would (in parallel) gain access to the new-password mailbox through sniffing, cracking or other means. Another is that they mount a DOS on my mailbox through the "new password" feature. For some mail systems, these would go hand-in-hand. Secure systems require examining all the risks, not just the original risk for which your technology was designed.

Post #185,600

by admin

11/30/04 4:23:51 PM

So what's YOUR suggestion?

Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."

Post #185,606

by FuManChu

11/30/04 4:39:05 PM

Unfortunately for you #1 ;)

But looking at #2, it should be possible to secure the plaintext pword DB on a limited-services box. If the server also does FTP, SSH, what-have-you, it becomes less desirable.

Post #185,607

by admin

11/30/04 4:41:00 PM

WTF?

How is #2 any more secure than #3?

Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."

Post #185,608

by FuManChu

11/30/04 4:44:04 PM

Sorry. You're right. I didn't read carefully.

I glossed over the email part.

Post #185,609

by admin

11/30/04 4:47:21 PM

11/30/04 4:48:36 PM

So how does that change your answer?

And I'm mainly interested to see if you have any suggestions for automated functionality.

But if we were to do #1, there's still the issue of me authenticating requests for password changes (if I'm doing the changing) or email snooping if I'm resetting and sending a new one.

There's also option #4 at the end of the thread.

Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."

Edited by admin Nov. 30, 2004, 04:48:36 PM EST

Expand All History

Post #185,603

by imric

11/30/04 4:30:48 PM

Same risk than we have now during login.

And with CRCs suggestion that there be a limit on tries/hour, a DOS on your mailbox is NOT an issue.

Imric's Tips for Living

Paranoia Is a Survival Trait
Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
Even though everyone is out to get you, it doesn't matter unless you let them win.

Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.

Post #185,605

by FuManChu

11/30/04 4:37:17 PM

Same outcome, different risk--the attack surface has doubled

Post #185,678

by CRConrad

12/1/04 2:33:03 AM

Not mine.

"The other" Scott's: [link|/forums/render/content/show?contentid=185579|Post #185579].

[link|mailto:MyUserId@MyISP.CountryCode|Christian R. Conrad]
(I live in Finland, and my e-mail in-box is at the Saunalahti company.)

Your lies are of Microsoftian Scale and boring to boot. Your 'depression' may be the closest you ever come to recognizing truth: you have no 'inferiority complex', you are inferior - and something inside you recognizes this. - [link|http://z.iwethey.org/forums/render/content/show?contentid=71575|Ashton Brown]

Post #185,716

by Arkadiy

12/1/04 2:04:43 PM

Can we please weight the risks

against benefits and against the importance of the information being protected? I have hard time imagining someone using mailbox spoofing just to get access to my IWETHEY identity. DOSes can be easily prevented by limiting the number of resets per day.

--

This guy's ahead of his time! He's using quantum programming methods: in universes where invalid data is passed to this function, it does not return. Thus you are ensured that you will only have valid data after calling it. Optimally you'd destroy the universe on failure, but computers haven't quite advanced to that level yet.

-- [link|http://thedailywtf.com/archive/2004/10/26/2920.aspx|The] Daily WTF

zIWT meta: Which is better: - (admin) - (66) - Nov. 30, 2004, 09:02:55 PM EST

3) -NT - (mmoffitt) - Nov. 30, 2004, 02:43:44 PM EST

1) - (jb4) - (3) - Nov. 30, 2004, 02:50:26 PM EST

Not for long, at least... -NT - (admin) - (2) - Nov. 30, 2004, 02:51:30 PM EST

Is that a threat?!? -NT - (jb4) - (1) - Nov. 30, 2004, 05:27:37 PM EST

You should know by now... - (admin) - Nov. 30, 2004, 05:31:06 PM EST

3, with verification - (Arkadiy) - (29) - Nov. 30, 2004, 02:52:40 PM EST

Seconded. -NT - (Yendor) - Nov. 30, 2004, 02:54:26 PM EST

NO - (FuManChu) - (27) - Nov. 30, 2004, 02:57:04 PM EST

Er, buh? - (admin) - (3) - Nov. 30, 2004, 02:58:41 PM EST

That's enough of a detriment not to warrant the risk IMO -NT - (FuManChu) - (2) - Nov. 30, 2004, 04:13:16 PM EST

? -NT - (admin) - (1) - Nov. 30, 2004, 04:16:38 PM EST

?? -NT - (drewk) - Nov. 30, 2004, 05:46:20 PM EST

Yeah - (Yendor) - (11) - Nov. 30, 2004, 03:01:36 PM EST

How is that insecure? - (FuManChu) - (2) - Nov. 30, 2004, 04:17:29 PM EST

You're unclear on this. - (admin) - (1) - Nov. 30, 2004, 04:18:26 PM EST

See below. -NT - (FuManChu) - Nov. 30, 2004, 04:22:21 PM EST

You only need one field labeled "Hint" - (tuberculosis) - (7) - Aug. 21, 2007, 06:13:52 AM EDT

Sure... - (Yendor) - (6) - Dec. 1, 2004, 02:06:55 PM EST

Bah. - (admin) - Dec. 1, 2004, 02:10:59 PM EST

Not quite - (FuManChu) - (4) - Dec. 1, 2004, 04:35:59 PM EST

And my point is... - (Yendor) - (3) - Dec. 1, 2004, 08:03:26 PM EST

I have a standard formula I use for passwords. - (folkert) - (2) - Dec. 1, 2004, 10:20:06 PM EST

I also have a standard formula - (daemon) - (1) - Dec. 1, 2004, 10:40:44 PM EST

Ding, Ding, Ding. - (folkert) - Dec. 1, 2004, 11:06:54 PM EST

It's only insecure if the user is allowed to proceed - (imric) - (10) - Nov. 30, 2004, 03:13:54 PM EST

Bah. Risk is the issue. - (FuManChu) - (9) - Nov. 30, 2004, 04:22:03 PM EST

So what's YOUR suggestion? -NT - (admin) - (4) - Nov. 30, 2004, 04:23:51 PM EST

Unfortunately for you #1 ;) - (FuManChu) - (3) - Nov. 30, 2004, 04:39:05 PM EST

WTF? - (admin) - (2) - Nov. 30, 2004, 04:41:00 PM EST

Sorry. You're right. I didn't read carefully. - (FuManChu) - (1) - Nov. 30, 2004, 04:44:04 PM EST

So how does that change your answer? - (admin) - Nov. 30, 2004, 04:48:36 PM EST

Same risk than we have now during login. - (imric) - (2) - Nov. 30, 2004, 04:30:48 PM EST

Same outcome, different risk--the attack surface has doubled -NT - (FuManChu) - Nov. 30, 2004, 04:37:17 PM EST

Not mine. - (CRConrad) - Dec. 1, 2004, 02:33:03 AM EST

Can we please weight the risks - (Arkadiy) - Dec. 1, 2004, 02:04:43 PM EST

3) with some safeguards? - (Another Scott) - Nov. 30, 2004, 02:55:35 PM EST

4) WikiWay: everything wide open ... muuuaaaahahahahahaha -NT - (drewk) - (1) - Nov. 30, 2004, 03:29:24 PM EST

Shaddap wid' yer shaddin' ap... -NT - (admin) - Nov. 30, 2004, 03:30:31 PM EST

3 with a "what is your dog's name?" thingie -NT - (Silverlock) - Nov. 30, 2004, 03:44:54 PM EST

I'll join Ark, Scott(2), Don(Silverback), and YendorMike: 3+ - (CRConrad) - (2) - Nov. 30, 2004, 04:07:55 PM EST

<raises hand> on that last bit. :-) -NT - (Another Scott) - Nov. 30, 2004, 04:12:16 PM EST

Aye - 3) with - (imric) - Nov. 30, 2004, 04:24:18 PM EST

Another few options: - (admin) - (9) - Nov. 30, 2004, 04:50:29 PM EST

I'd rather not vote on solutions until we discuss risks - (FuManChu) - (8) - Nov. 30, 2004, 05:43:54 PM EST

Re: I'd rather not vote on solutions until we discuss risks - (admin) - (7) - Nov. 30, 2004, 05:53:17 PM EST

Okay, start with costs of current proposals - (FuManChu) - (3) - Nov. 30, 2004, 07:39:31 PM EST

Missed the point. :-) - (admin) - (2) - Nov. 30, 2004, 08:53:54 PM EST

Understood, but you're use case #1 - (FuManChu) - (1) - Nov. 30, 2004, 10:29:59 PM EST

I can do private keys... - (folkert) - Nov. 30, 2004, 10:40:15 PM EST

What do you want the software to do? - (Another Scott) - (2) - Nov. 30, 2004, 09:10:22 PM EST

Nope, wrong - (drewk) - (1) - Nov. 30, 2004, 09:35:34 PM EST

Yes, a *good* challenge question would be needed. - (Another Scott) - Nov. 30, 2004, 11:26:03 PM EST

how about 4, the way we do it now - (daemon) - (3) - Nov. 30, 2004, 05:18:15 PM EST

Which is? - (Another Scott) - Nov. 30, 2004, 05:21:17 PM EST

And what would that be? - (admin) - (1) - Nov. 30, 2004, 05:21:46 PM EST

the way it works now - (daemon) - Nov. 30, 2004, 05:34:53 PM EST

How about 5... - (jb4) - Nov. 30, 2004, 05:32:45 PM EST

16) Storing them encrypted with a "reset my password" featur - (folkert) - Nov. 30, 2004, 06:38:09 PM EST

A variation on 2) - (altmann) - Nov. 30, 2004, 07:36:03 PM EST

3), with a question 1st. -NT - (broomberg) - Nov. 30, 2004, 08:03:43 PM EST

3 with a proviso - (ChrisR) - (1) - Nov. 30, 2004, 08:23:21 PM EST

I like that! -NT - (Arkadiy) - Dec. 1, 2004, 02:10:44 PM EST

3. Puts the onus of keeping valid email address on user. -NT - (a6l6e6x) - Nov. 30, 2004, 09:08:12 PM EST

3 -NT - (pwhysall) - Dec. 1, 2004, 07:52:52 AM EST

6. - (static) - Dec. 5, 2004, 08:45:34 PM EST

"zIWT meta: Which is better:" Voting/Ratification (new thread) - (folkert) - Dec. 5, 2004, 09:59:30 PM EST

iwethey.org

The fourth-worst poetry in the known Universe.
123 ms