From: "Daniel C. Cotey" <dccotey@eclat.uccs.edu>
Date: Tue, 19 Sep 95 13:50:03 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509191823.A881-0100000@unicorn.com>
Message-ID: <Pine.ULT.3.91.950919143844.5998B-100000@eclat>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Rev. Mark Grant wrote:

>
> If it wasn't for ITAR the Net would already have secure encryption and
> authentication, and most such hacker attacks would be impossible (or at 
> least impractical).
> 

	As someone who has hacked a little I would say that sloppy coding 
(much like netscape's) has helped hackers far more than lack of 
encryption.  Imagine for a moment if sun had included some form of 
encryption (maybe in nfs ?) in sunos 4.x.x,  would it have been 
effective if it had as many holes as sendmail, etc.. ?

	Good algorithms well coded will hurt hackers. Good algorithms 
slopply coded will simply provide hackers with one more toy to abuse, 
while giving average people a false since of security (but you SAID it 
was strong crypto, so why did they get my credit card number ?)


 pUFF