On Tue, 26 Feb 2019 08:36:11 -0800, Seth Mattinen said:
> On 2/25/19 9:59 PM, Keith Medcalf wrote:
> > Are you offering an indemnity in case that code is malicious? What are the
> > terms and the amount of the indemnity?
> Anyone who is that paranoid should read the RFC and write their own TOTP
> client that lets them indemnify themselves from their own code.
I seem to recall that the 1983 Turing Award lecture referenced a 1974 pen test
of Multics that proved conclusively that level of paranoia isn't sufficient....