NYT on Netscape Crack
sameer
sameer at c2.org
Mon Sep 18 22:02:45 PDT 1995
>
> Not, of course, that they disclosed it before -- it was found by
> reverse engineering the distributed executable. Not, of course, that
> they have a choice in the matter of whether to disclose it -- they
> will be "disclosing" how its done as soon as they release the
> code. Not, of course, that security through obscurity does any good --
> it just magnifies the pain.
Once netscape is patched with a stronger PRNG if someone can
crack -that- one too, then they will get a T-shirt as well. Perhaps I
should offer the t-shirt for just revealing the algorithim used w/o
actually cracking it, just to deal with that statement from "Netscape
officials".
I emphasized in my conversation with the SFChronicle today
that 'security by obscurity' doesn't work. Hopefully that will be
reflected in the article.
--
sameer Voice: 510-601-9777
Network Administrator FAX: 510-601-9734
Community ConneXion: The NEXUS-Berkeley Dialin: 510-658-6376
http://www.c2.org (or login as "guest") sameer at c2.org
More information about the cypherpunks-legacy
mailing list