From: Dug Song (dugsong@monkey.org)
Date: Tue May 02 2000 - 11:50:33 PDT
On Tue, 2 May 2000, Tom Whore wrote:
> For something that was cooked up and released in short order, that is
> still under dev, the damn thing works and was apodted by a user base
> faster than greased pigs.
you're missing the point. it doesn't work, if anybody can trivially break
it, and if the security properties it purports to have aren't actually
there. you should see the porn filename generation algorithm i'm using for
gnutsmurf. :-)
> You think Gnutella is the ENDS? pah. Its another tool on the road to
> better tools whihc cycles round and round and round. Exploits hit, fixes
> come in, more exploits hit, more rethinks, cycle cycle cycle
sure, in theory. but when there are fundamental design flaws (such as
accepting arbitrary answers matching a "unique" transaction ID for a query
broadcast to any number of potentially malicious agents), good luck.
> You can wait all you want. Menawhile, back at the ranch, the big herd
> drive goes on.A few head may get lost and a few rustlers may try to cut
> out the herd, but by gum well fight them where they stand. Put on a
> bandana there little cowpoke. from all your cawing and coughing it sounds
> liek the dust is getting to you.
a fervently religious belief in the healing powers of Open Source can't
actually fix bad engineering. and fixing bugs post-deployment can be
extremely troublesome, often impossible, especially when the initial
design is so bad as to require a complete rewrite.
talk to my friend napster about that one.
-d.
--- http://www.monkey.org/~dugsong/
This archive was generated by hypermail 2b29 : Tue May 02 2000 - 11:52:18 PDT