× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2004

Re: Be very careful from now on...

Sniffing passwords isn't just an "OS" problem.  That is a network
infrastructure problem also, as well as internal security.  In all honesty,
do you blame Windows for someone being able to put a sniffer on your closed
network?  These are kiosks.  It isn't like any joe Schmo can install a
program on it.  It isn't liek you are downloading backdoors off the internet
onto it.  Plus, you can encrypt the data between the computers.

You ALWAYS have to assume your OS is crackable to some degree.  That is why
you always should code security into your application as well.  If you are
running something as important as polling software on Windows with Access,
you are obviously looking for trouble.  If you have a windows kiosk running
on Access on a Linux file server, it still is a problem because the weakest
link is Access.  Secure your OS as much as possible.  Encrypt data transfer.
Build security into the application.

Here is a link to a story I found years ago.  It was so tellign I saved it.

http://ford.rutgersinsurance.com/adam/voting.html

This sort fo illustrates what I am talkign about.  With this application, no
matter the OS they used, they are having security problems.

----- Original Message ----- 
From: "Jim Franz" <franz400@xxxxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Friday, February 13, 2004 4:17 PM
Subject: Re: Be very careful from now on...


> > the OS isn't really the issue with polling places.  It is the
compilation
> > software that is the problem.
>
> if  i can compromise the OS and sniff/log the password then
> i have the application. many are Access database, which
> has it's own holes. Now this is no different than any other
> wan except that most people would be uncomfortable if they
> knew nobody was watching the store, and the lack of
> redundancy and auditability makes is scary (to me).
> jim

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.