Michael Catanzaro wrote:
> If the attacker is unskilled and doesn't know how to boot a live image,
or if the attacker snuck into your room when you left it to fetch some
coffee, and needs to unlock your console, implant a backdoor and sneak
back out before you return, or otherwise can't reboot your computer
because you would notice it,
> and the password is *exceedingly* bad ("123", "alice", "mcatanzaro"
> etc.), then it would matter if the attacker could guess it. I personally
> see little harm in taking the ball away from those who'd use passwords
> like those.
>
> Possibly there is something I have missed -- if someone can set me
> straight as to a safety issue I am missing, that'd be dandy -- but I for
> one have yet to see an argument that the strength of the password
> matters at all!
In the previous paragraph you wrote that it does matter. It seems that
what you're actually arguing is that the threshold should be very low.
Björn Persson
Attachment:
pgp3Li3dJYOdN.pgp
Description: OpenPGP digital signatur
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
