[lug] Is anon ftp upload really bad?
Peter Hutnick
peter-lists at hutnick.com
Wed Apr 24 19:33:28 MDT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 24 April 2002 05:49 pm, John Hernandez wrote:
> Yes, "authenticated anonymous" is indeed an oxymoron, but I didn't say
> or imply it.
Holy crap this is a Twilight Zone moment.
I don't want to turn this into a pissing contest, but here is an _unedited_
quote (from message-id 3CC730BE.1020602 at noaa.gov):
> I would urge others to use anon uploads (in a safe and sane way) over
> cleartext authenticated FTP any day of the week.
>
I don't quite get it. If you ADD authentication (even reusable
clear-text passwords) to the current (safe and sane) method, how does a
stolen password make you any worse off, provided the account is for ftp
only?
The parts set off by ">" characters is me. The other part is someone claiming
to be you. Maybe you think I mean something other than anonymous by "anon"?
- -Peter
- --
/"\ ASCII Ribbon campaign against HTML e-mail
\ /
X Get my PGP key at http://hutnick.com/pgp
/ \ 6128 5651 6F23 EC17 6EBD 737D 960A 20E6 76CA 8A59
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8x1zplgog5nbKilkRAmQpAJ4sxBXkD8uKwQzuBkq+2aCzhp8eFwCgiJbH
ueyzxjHcd+5ktcsvIZdd3FE=
=pRkb
-----END PGP SIGNATURE-----
More information about the LUG
mailing list