Slashdot Mirror

← Back to Stories (view on slashdot.org)

Delayed Password Disclosure

Posted by Zonk on from the you-show-me-yours dept.

ET_Fleshy writes "Markus Jakobsson has an interesting article discussing a promising new security protocol called "Delayed Password Disclosure" that can validate a computers authenticity before exchanging passwords/keys. While nothing is ever truly secure, this seems to show promise in protecting users from a wide variety of stealth attacks (pdf) used today, specifically man in the middle (pdf) attacks."

8 of 163 comments (clear)

  1. An okay article, I guess.... by aendeuryu · · Score: 5, Funny

    It'd be better if the font weren't so small, though...

    1. Re:An okay article, I guess.... by athakur999 · · Score: 4, Funny

      No kidding. He's just asking for Slashdotting since his server has transfer all those big characters.

      --
      "People that quote themselves in their signatures bother me" - athakur999
  2. HTML versions... by Mr.+Capris · · Score: 5, Funny

    Me, i hate pdf...so here's HTML versions, courtesy of Google: man in the middle attack
    stealth attacks

    --
    Have you seen the arrow?
  3. This sounds pretty interesting. by Sheetrock · · Score: 5, Funny

    The only part I can't figure out is how they're going to send the carbon paper and envelopes across the Internet. I can't find the protocol for that.

    --

    Try not. Do or do not, there is no try.
    -- Dr. Spock, stardate 2822-3.




  4. Re:Quick Question by wfberg · · Score: 4, Funny

    Why is it called Man-in-the-middle?

    Isn't it better if it were called Woman-in-the-middle? It would atleast not make us geeks seem so gay.

    Well, feminist do-gooders, in an effort to de-genderify the term whilst keeping the acronym MITM beat you to it, by redefining MITM as "Meet-In-The-Middle".

    It was a quite popular term in academia, until it was discovered that "Meat-In-The-Middle" in the context of a three-party situation sounds a lot more gay even.

    --
    SCO employee? Check out the bounty
  5. I... can't keep. Reading. by StikyPad · · Score: 5, Funny

    By then, it may be too late, as in the meantime, the attacker may collect and even modify information that was not intended for him.

    Damnit, Bones I, can't figure out how to, place commas in, my, sentences I know they, should go somewhere I'm. Just not sure where.

    --
    https://www.eff.org/https-everywhere
  6. Re:And this is new how??? by 0x20 · · Score: 2, Funny

    mmm.... salted hash.

  7. Re:Lockout after failed auths is a DoS by modecx · · Score: 2, Funny

    Actually, I write my user names and passwords down. Then I put them in my depleted uranium and lead lined concrete and hardened steel reinforced vault with biometric and timed locks. Then I kick the pair of radioactive lava spewing mutant doberman pinschers that guard the door to wake them up.

    It's hell trying to figure out what my balance is.

    --
    Constitutional rights may be respected, repealed, or modified; but they must never be ignored.