[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NYT on Netscape Crack

To: [email protected]
Subject: Re: NYT on Netscape Crack
From: sameer <[email protected]>
Date: Tue, 19 Sep 1995 06:59:02 -0700 (PDT)
Cc: [email protected], [email protected]
In-Reply-To: <[email protected]> from "[email protected]" at Sep 19, 95 12:06:28 pm
Pgp-Strong-Print: 3C AE E4 00 C2 6A 81 FF 49 4E EE 0C CD CD 1D 80
Sender: [email protected]

> 
> Sure that's hard to notice, but what you describe was an accident, ie
> the code wasn't working as you thought it was.
> 

	Also, the fact that the source isn't available meant that it
took quite some work to reveal the hole. In Eric's case, with
available source, his mistake was found and corrected.

> 
> The moral in netscapes story is that closed systems are bad news.
> These things ideally need open review.  And of course designing things
> with the expectation that they are secure with the *given* that the
> full algorithm is known.

	Yes.

> 
> Real shame because the rest of the software is very innovative
> compared to other browsers, and apparently good quality.  Also may be
> a set back for net commerce, which is bad news.
> 

	Well if we hammer at 'em enough maybe they'll get their
security fixed. I still use netscape. I'm not going to stop using
netscape. (I'm not going to use netscape for anything sensitive
though, that's for sure.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			[email protected]

References:
- Re: NYT on Netscape Crack
  - From: [email protected]

Prev by Date: Re: NYT on Netscape Crack
Next by Date: Time release crypto
Prev by thread: Re: NYT on Netscape Crack
Next by thread: Re: NYT on Netscape Crack
Index(es):
- Date
- Thread