[erlang-questions] How to exchange sensitive data with ports?

Illo de' Illis illo@REDACTED
Fri Aug 7 22:17:47 CEST 2009


On 07/ago/2009, at 20.35, Hynek Vychodil <vychodil.hynek@REDACTED>  
wrote:

> On Fri, Aug 7, 2009 at 6:57 PM, Illo de' Illis <illo@REDACTED>  
> wrote:
> I doubt your advices would be useful to the scenery the original  
> poster is working with. Since she was afraid of a pipe I guess she  
> is already dealing with an public/untrusted system, and I reckon  
> locked memory (which I frankly wouldn't call "security by  
> obscurity") and /dev/TTY access for user input to be a good starting  
> point.
>
> If you are dealing with untrusted system there all effort just  
> Potemkin's village. It is worthless. One can make some masquerade  
> for dumb people but anyone who understand real security will laugh  
> at you.

It is all a matter of perspective.  I'd bet you would call a  
"masquerade for dumb people" locking someone's home door up to avoid  
thieves as well...

Well, let's hope both our opinions will be of some use to Elena! Good  
luck for your smartcard project.

Ciao,
Illo.


More information about the erlang-questions mailing list