Hopefully my last email answered your questions, but I will summarize the relevant points if not: 1) The post you mentioned, their crack doesn't work on recent versions of Windows Netscape, which is what we broke. These versions use a much more complex algorithm, which is still very lame. 2) We were unaware of the previous work, and Netscape didn't say "hey, someone did this before" when we notified them. In fact, they definitely reacted as if they knew the problem was there, but hoped no one would ever bother to exploit it. John On Thu, Dec 16, 1999 at 09:07:32AM +0700, Vanja Hrustic wrote: > I was bit confused with this link ( > http://www.rstcorp.com/news/bad-crypto-tech.html ), since I am not quite > clear if these guys are just reinventing the wheel, or have found > something new. > > Message at: > 370D20EF.BE1A63Aat_private">http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-04-15&msg=370D20EF.BE1A63Aat_private > > containts the information which (as much as I can see) does the same > thing which guys from RST are mentioning. The messages dates from April > '99. > > Is this just another "Lets get some media attention" thing, or I have > missed some important point? > > Thanks. > > -- > > Vanja Hrustic > The Relay Group > http://relaygroup.com > Technology Ahead of Time
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:21:40 PDT