1996-04-25 - Re: Hack MSN anyone?

Header Data

From: Rich Graves <llurch@networking.stanford.edu>
To: “‘cypherpunks@toad.com>
Message Hash: c89c10059d1dd264f137537ffaa14acee94a648ae319ee97adcea6af537885fe
Message ID: <Pine.GUL.3.93.960425145006.27532I-100000@Networking.Stanford.EDU>
Reply To: <c=US%a=_%p=msft%l=RED-09-MSG-960425205348Z-73431@tide19.microsoft.com>
UTC Datetime: 1996-04-25 21:56:11 UTC
Raw Date: Thu, 25 Apr 1996 14:56:11 -0700 (PDT)

Raw message

From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 25 Apr 1996 14:56:11 -0700 (PDT)
To: "'cypherpunks@toad.com>
Subject: Re: Hack MSN anyone?
In-Reply-To: <c=US%a=_%p=msft%l=RED-09-MSG-960425205348Z-73431@tide19.microsoft.com>
Message-ID: <Pine.GUL.3.93.960425145006.27532I-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 25 Apr 1996, Lee Fisher wrote:

> I was curious about the below message, and checked...
> 
> MSN uses CHAP (PPP's challenge-response handshake) for network layer
> authetication, and NTLM (Windows NT's challenge-response handshake) for
> application-layer authentication. The password is never sent in across
> the network. Challenge-responses encrypted with the password are sent.

Thanks; that's what I thought.

Never believe anything you're told by tech support. It was pretty clear to
me that the poor undereducated sod had the words "compression" and
"encryption" confused. NTLM isn't perfect, but it's difficult enough to be
secure enough for MSN. You're not doing anything IMPORTANT on MSN, are
you? 

Due to Win95's open memory model, there's probably some system call that a
virus/trojan can use to ask politely for the username and password; in
fact, isn't it the same API that has already been demonstrated? But if you
let such a beast on your machine, all bets are off anyway.

-rich






Thread