|
Sniffing passwords isn't just an "OS" problem. That is a network infrastructure problem also, as well as internal security. In all honesty, do you blame Windows for someone being able to put a sniffer on your closed network? These are kiosks. It isn't like any joe Schmo can install a program on it. It isn't liek you are downloading backdoors off the internet onto it. Plus, you can encrypt the data between the computers. You ALWAYS have to assume your OS is crackable to some degree. That is why you always should code security into your application as well. If you are running something as important as polling software on Windows with Access, you are obviously looking for trouble. If you have a windows kiosk running on Access on a Linux file server, it still is a problem because the weakest link is Access. Secure your OS as much as possible. Encrypt data transfer. Build security into the application. Here is a link to a story I found years ago. It was so tellign I saved it. http://ford.rutgersinsurance.com/adam/voting.html This sort fo illustrates what I am talkign about. With this application, no matter the OS they used, they are having security problems. ----- Original Message ----- From: "Jim Franz" <franz400@xxxxxxxxxxxx> To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx> Sent: Friday, February 13, 2004 4:17 PM Subject: Re: Be very careful from now on... > > the OS isn't really the issue with polling places. It is the compilation > > software that is the problem. > > if i can compromise the OS and sniff/log the password then > i have the application. many are Access database, which > has it's own holes. Now this is no different than any other > wan except that most people would be uncomfortable if they > knew nobody was watching the store, and the lack of > redundancy and auditability makes is scary (to me). > jim
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.