But what about the MITM attacks that would happen until the admin checks his email and realises that an attack is happening? Wouldn't all attempted logins till then mean a severely compromised system?
Also, how do you decide whom to send the email to, especially in the shared hosting scenarios?
Instead of considering the issue as 'penalizing the client', shouldn't it be considered as who would lose most in case of an attack and work on this entity's behalf and guard against this?
Posted by Srijith at April 9, 2008 07:55 AM