[cryptography] Constitutional Showdown Voided as Feds Decrypt Laptop
nico at cryptonector.com
Thu Mar 1 18:09:03 EST 2012
On Thu, Mar 1, 2012 at 4:56 PM, Jeffrey Walton <noloader at gmail.com> wrote:
>>> Mailman passwords are of very low value.
>> Precisely correct. The security mechanism is commensurate with the general
>> risk. And if you're running that high-value a mailing list, you simply
>> disable that feature.
> Low value to whom? Considering all the password reuse, some (such as
> the bad guys) would consider the username/password list high value.
I let mailman generate passwords. And I never use them, much less
re-use them. Well, I do use them when I need to change e-mail
addresses, which happens very rarely, and then I start by asking
mailman to send my my passwords because I don't remember them -- I've
done this like once in the past decade.
These are all public mailing lists. With public archives. To which
people post unsigned messages.
As for non-public lists, see Steven's reply.
Yeah, mailman passwords are of low value from a security point of view.
More information about the cryptography