[OpenAFS] ADS and MIT Kerberos transition auth continued
Vincent Fox
vbfox@ucdavis.edu
Thu, 09 Jul 2009 09:31:36 -0700
Simon Wilkinson wrote:
>
> On 9 Jul 2009, at 16:50, Douglas E. Engert wrote:
>
>> Depends on what data you put in AFS, and is the AFS network traffic
>> sniffable
>> You would need to do a risk assessment of you situation.
>
> And when you do that risk assessment, consider the sentiments
> expressed in:
>
> http://xkcd.com/538/
>
A decade or so ago we would regularly find hacked
UNIX systems of various sorts. Typically running IRC bots
but sometimes you'd find a sniffer. I haven't even heard of
a case of sniffer installs in years. It's much more cost-effective
to install a trojan that grabs keyboard input and searches for
information in browser wallet etc. Sifting through network data seems
like a pretty dead field for the black hats these days like expecting
a public school student to know Latin. Not dissing the thought
too much but we all have to prioritize our efforts.