Re: IE SSL Vulnerability

From: robert walker (robert.walkerat_private)
Date: Thu Aug 15 2002 - 16:11:22 PDT

Next message: Mark Healey: "RE: IE [with Google Toolbar installed] crash"

Previous message: Chuck: "Re: IE [with Google Toolbar installed] crash"
Maybe in reply to: Mike Benham: "IE SSL Vulnerability"
Next in thread: Charles Miller: "Re: IE SSL Vulnerability"
Reply: Charles Miller: "Re: IE SSL Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <Pine.BSO.4.33.0208031620550.8632-100000at_private> Given my background in cryptographic programming, it is difficult for me to imagine how the cause of this alleged vulnerability could be explained as programmer error or oversight. Yet I cannot fathom why MS would purposely skip such a basic step. I am waiting to hear Microsoft's side of the story. Because it goes to a core issue of whether or not they themselves are trustworthy. My car has airbags which protect me in a collision. Imagine if the manufacturer forgot to install them. What explanation is satisfactory in that circumstance? A huge amount of infrastructure is managed remotely via SSL and IE these days. It just boggles the mind the extent to which the security integrity of that infrastructure is now under a cloud unknowing.

Next message: Mark Healey: "RE: IE [with Google Toolbar installed] crash"
Previous message: Chuck: "Re: IE [with Google Toolbar installed] crash"
Maybe in reply to: Mike Benham: "IE SSL Vulnerability"
Next in thread: Charles Miller: "Re: IE SSL Vulnerability"
Reply: Charles Miller: "Re: IE SSL Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 16 2002 - 12:19:12 PDT