From: tomw@orac.engr.sgi.com (Tom Weinstein)
To: cypherpunks@toad.com
Message Hash: f396a0a82c145ed58da65e93bc2f78b5848a32e0589e50b9052415ae3cb11cac
Message ID: <199510201250.FAA15055@orac.engr.sgi.com>
Reply To: <DGq01x.ADx@sgi.sgi.com>
UTC Datetime: 1995-10-20 12:50:20 UTC
Raw Date: Fri, 20 Oct 95 05:50:20 PDT
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 20 Oct 95 05:50:20 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <DGq01x.ADx@sgi.sgi.com>
Message-ID: <199510201250.FAA15055@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain
In article <DGq01x.ADx@sgi.sgi.com>, Aleph One <aleph1@dfw.net> writes:
> On Thu, 19 Oct 1995 anonymous-remailer@shell.portal.com wrote:
>> > NETSCAPE CLIENT APIS (NCAPIS) 2.0
>> Generally, we don't routinely trust every other computer, foreign or
>> domestic on the Internet to manipulate us by remote control. This is
>> as basic as the idea that we don't give out our PIN numbers with our
>> banking cards to anyone who asks us.
> Have you actually read the stuff? The NCAPIS is not on by default.
> You *must* enable it by tellling it to which port to listen on.
> Further more Mosaic had a remote control API before Netscape did.
They can also be used only from the local machine on Windows or from any
machine your X server trusts on Unix. Unless the attacker can control
what software is installed on the target system, there's no way for him
to use this to his advantage. Of course, there's always the possibility
of exploting bugs, but that's not a "flawed algorithm".
--
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything. -- Washington DC motto | tomw@engr.sgi.com
Return to October 1995
Return to “tomw@orac.engr.sgi.com (Tom Weinstein)”
Unknown thread root