Re: disabling Intel PSN
H. Peter Anvin (hpa@transmeta.com)
17 Dec 1999 12:02:36 -0800
Followup to: <Pine.LNX.4.05.9912170550101.24762-100000@ns.snowman.net>
By author: Stephen Frost <sfrost@ns.snowman.net>
In newsgroup: linux.dev.kernel
> >
> > What you describe is roughly equivalent to storing the 24 extra bytes
> > in a local file or in a hacked copy of the ssh program itself.
>
> Which actually decreases security because it's no longer just in
> your head. :) This means that a bad guy can learn part of your pass-
> phrase, and with that have a potentionally easier time figuring out the
> rest.
>
That's not true. It only decreases security if you make the manual
part of the passphrase correspondingly shorter. As an *addition*, it
increases security. As a *replacement*, it decreases security.
However, the main reason I can see for allowing the PSN to be enabled
would be (a) asset tracking, (b) identifying a system among some set
of "dumb" nodes on an non-Ethernet network (e.g. dialin) -- this lets
all systems be cloned identically, reducing cost; (c) licensing.
Although I personally disagree with (c), if a company has a product I
want I'd rather see them make it available on Linux with a dumb
license rather than not offer it at all.
-hpa
--
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/