On Wed, 3 Dec 2003 12:19, Tom <[EMAIL PROTECTED]> wrote: > Smartcards would have avoided the Debian compromise: merely having a > compromised DD box would have prevented bad guy from getting on the box. > > It's all about layers of defense. > > I think the DD's should seriously think about requiring smartcards. It > would have prevented the proxmiate cause of our recent troubles.
I agree that smartcards would help a lot. However as has been previously suggested the cost of 1200+ smart-card readers is probably prohibitive. I have sent a message to Werner asking if the GPG smart-card device could be re-implemented with a USB interface. I think that a USB dongle with GPG technology would be a good option as most developer's machines already have USB support. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
