From: "Roland Postle" <mailat_private> Subject: Re: Plain text password for Microsoft (icwip.dun) > 'Storing' the password in encrypted form would be quite easy to accomplish, > and it would at least stop the casual snooper. You could argue that the same > passwords /are/ encrypted when they're put in the registry, so why not in > .ins files too? It increases the security a tad. It protects against the casual snooper, agreed, but a determined attacker bypasses this.. there are numerous tools for extracting 'encrypted' dial-up passwords etc. from the registry. > Anyway, for a complete solution I think we should wait for... Palladium and > TCPA-based modems. You go that way, I'll go this. See you there. -Knud
This archive was generated by hypermail 2b30 : Tue Jul 09 2002 - 14:44:36 PDT