26 Feb
2019
26 Feb
'19
12:49 p.m.
On Tue, 26 Feb 2019 08:36:11 -0800, Seth Mattinen said:
On 2/25/19 9:59 PM, Keith Medcalf wrote:
Are you offering an indemnity in case that code is malicious? What are the terms and the amount of the indemnity?
Anyone who is that paranoid should read the RFC and write their own TOTP client that lets them indemnify themselves from their own code.
I seem to recall that the 1983 Turing Award lecture referenced a 1974 pen test of Multics that proved conclusively that level of paranoia isn't sufficient....