Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft takes 7 years to 'solve' a problem?!

From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Wed, 26 Nov 2008 13:40:42 -0600
--On November 26, 2008 1:59:27 AM -0600 Elazar Broad <elazar () hushmail com> wrote: 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Um, NTLM isn't the only 20 or so year old protocol to take the rap
recently, I can think of a low numbered rfc, lets say 1034 and
1035. Hindsight is 20/20, and 20 years ago, who would have thought
that a 16 bit number was way too small for DNS transaction id, the
same "who would have though" goes for NTLM and the rest. Lets face
it, protocol design bugs suck, and to completely replace a widely
used protocol ranks pretty high in the PiTA hall of fame...
In that particular case Dan Bernstein not only *did* think about it but actually did something about it. It's just that no one else was listening. 

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying

Attachment: _bin
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: