[clug] Drive-By Pharming Attack Could Hit Home Networks

Sam Couter sam at couter.id.au
Thu Feb 22 10:46:20 GMT 2007

Kim Holburn <kim.holburn at gmail.com> wrote:
> I like the idea of a password based on mac address or serial number.   
> It has some inherent security compared with a default password.

The MAC address is broadcast with every packet. No good basing secrets
on that.

> Surely it could be done as a script?  The system wakes up after a  
> reset to default and says to itself - "No password - create a new one  
> from the serial number with this script. There, that's better.  Now  
> I'll allow wireless to be activated."  Then all copies of the OS  
> could be the same.

Where does it get the serial number from if all the images are identical?
Sam Couter         |  mailto:sam at couter.id.au
                   |  jabber:sam at teknohaus.dyndns.org
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/linux/attachments/20070222/eaeea854/attachment-0001.bin

More information about the linux mailing list