[OpenAFS] ADS and MIT Kerberos transition auth continued

Vincent Fox vbfox@ucdavis.edu
Thu, 09 Jul 2009 09:31:36 -0700

Simon Wilkinson wrote:
> On 9 Jul 2009, at 16:50, Douglas E. Engert wrote:
>> Depends on what data you put in AFS, and is the AFS network traffic 
>> sniffable
>> You would need to do a risk assessment of you situation.
> And when you do that risk assessment, consider the sentiments 
> expressed in:
> http://xkcd.com/538/
A decade or so ago we would regularly find hacked
UNIX systems of various sorts.  Typically running IRC bots
but sometimes you'd find a sniffer.   I haven't even heard of
a case of sniffer installs in years.  It's much more cost-effective
to install a trojan that grabs keyboard input and searches for
information in browser wallet etc.   Sifting through network data seems
like a pretty dead field for the black hats these days like expecting
a public school student to know Latin.   Not dissing the thought
too much but we all have to prioritize our efforts.