Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 1998

NFR Wizards Archive: Re: FW-1: Questions about DHCP and IPX

Re: FW-1: Questions about DHCP and IPX

Marcus J. Ranum (mjrnfr.net)
Tue, 29 Sep 1998 14:04:50 -0400

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Gary Scheel: "Dialup vs. VPN"
Previous message: John Labovitz: "Re: [ISN] Security vendors discuss new protocol (fwd)"
In reply to: arkeltex.ru: "[ISN] Security vendors discuss new protocol (fwd)"
Next in thread: Aaron D. Turner: "Re: FW-1: Questions about DHCP and IPX"

>| I remember the bounty, but I guess I missed Adam's arguments (in fact I
>| recall it being a thread stopper :). What kind of cluelessness are we
>| talking about?
>
> I suggested that the use of a 48 bit, unpublished cryptosystem
>was sufficiently backdoor-esque and provable that MJR should send me a
>check. It was done with tounge firmly planted in cheek (although I
>probably pushed hard for the money; its the principle of winning a
>challenge from Marcus, more than a belief that it was a backdoor. :)

Using a cheap-crap proprietary cryptosystem to manage a firewall
is unforgivably stupid. But I don't think it counts as a trapdoor
because they didn't try to hide it and it's a trapdoor that will
work for *anyone* who wants to hook up enough PCs to break the
key.

To get my check, I want to see a smoking gun. All the rumor-mongers
talk like there is one, but amazingly nobody comes forward with one.
I'm sure that if someone actually found one they'd be thrilled to be
able to get their 15 minutes of fame by owning the key to a significant
percentage of the firewalls on the Internet. Those kinds of things are
hard to keep secret for very long.

What's aggravating about the whole thing is that I've had otherwise
should-be-clueful technologists *assert* that there is one and then
stare at me like I'm nuts when I say, "so show me!" There have been
folks who've told me flat out, "we had this consultant here and he
said he knows there is one." "Did he show you?" "No, he said it was
found by The Government but it's top secret." Yeah, right. It's
really mind-boggling. I'm not especially well-connected, but I'm quite
sure that I'd hear about it from the proper channels if there was
proof of such a thing. This rumor has been floating for 3 years now
and not a single shred of proof has surfaced.

mjr.

--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr

Next message: Gary Scheel: "Dialup vs. VPN"
Previous message: John Labovitz: "Re: [ISN] Security vendors discuss new protocol (fwd)"
In reply to: arkeltex.ru: "[ISN] Security vendors discuss new protocol (fwd)"
Next in thread: Aaron D. Turner: "Re: FW-1: Questions about DHCP and IPX"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:48 CDT