Robert Hettinga wrote:
All this reminds me of something Tim May, Eric Hughes, and others have said before. Once you've gotten to the point where loss of security equals, in a very literal sense, loss of money, the incentive to publicize any given security hole starts to go away.
The Netscape PR department is no doubt preparing to spin the "bug fix" into a "major update." The fact of the matter is, the software does exactly what it was designed to do. The fact that those who are "out of the loop" found out how to use that designed feature does not make it a "bug." When the list got spammed with email from 10,000 Laker fans named "Bubba," I blasted plaidworks.com for their rudeness in trying to place all the blame on "hackers" when the fact was that they left their system wide open to abuse for the sake of convenience and profit. Similarly, the government and corporations want systems designed to allow them access to all available information passing through the internet system and then cry "abuse" or "security bug" when individuals discover how to use the design to their advantage. Calling the Netscape feature a "bug" merely serves to draw attention away from the fact that the software was intentionally designed in order to facilitate snooping (ala Clipper chip?) and that indicates that there have been people who have known how to take advantage of the feature since its implementation. Do the people who instituted the design and development of this snooping feature all have "Good Guy" stamped on their forhead? Sure they do... TruthMonger
On Sun, 15 Jun 1997, lucifer Anonymous Remailer wrote: [...]
Similarly, the government and corporations want systems designed to allow them access to all available information passing through the internet system and then cry "abuse" or "security bug" when individuals discover how to use the design to their advantage.
I don't beleave in this case that it was a intentional feature. For one thing if I was creating such a trapdoor in my program, I would make use of some sort of public key system so that only I could access it. Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. Buy easter bilbies. Save the ABC Is $0.08 per day too much to pay? ex-net.scum and prouud I'm sorry but I just don't consider 'because its yukky' a convinceing argument
participants (2)
-
? the Platypus {aka David Formosa}
-
lucifer@dhp.com