Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Summary without technobabble (Score 1) 119

by ls671 (#48726985) Attached to: Bots Scanning GitHub To Steal Amazon EC2 Keys

>Thirdly, "bought" 30 million certs?

Oh and yes, that's why we were both laughing our hearts out and calling shenanigan at the same time. As I wrote in my OP, I would have been glad to generate those certs for them for 10,000$ instead of the 30,000,000$ they spent. But hey, a buck a piece for certs is a great deal, isn't it?

The usb key solution was suggested as well but the conclusion was that dumb users would lose their usb keys and that it would become too costly to manage.

In the end, we seem to be doomed unless we educate people.

Comment: Re:Summary without technobabble (Score 2) 119

by ls671 (#48723685) Attached to: Bots Scanning GitHub To Steal Amazon EC2 Keys

I entirely agree but for some, namely the ones who still use symmetric keys, this has become an old school thought.

In Canada, the government bought 30 millions certificates for all its citizens in oder to authenticate for government on line services for a buck a piece. Total: 30,000,000$

I would have been glad to provide it to them for 10,000$ and guess what? All privaye keys were kept centrally ;-) Us, old school guys just couldn't believe it.

The big thinkers/marketing guys decided that it was just to complicated for citizens to manage and keep their secret key in a secure location.

Memories of you remind me of you. -- Karl Lehenbauer