CIS, AOL share flaws of BASIC authentication

Rohit Khare (khare@pest.w3.org)
Wed, 27 Dec 95 15:57:36 -0500


From: http://www.zdnet.com/~pcweek/katt/the_furry_one.html

> A couple of the Katt's networking buddies were monitoring
> their local network, attempting to prove or disprove
> whether AOL and CompuServe encrypt their passwords before
> sending or not at all. They use network modems and have
> an Internet connection through a firewall. Simply put,
> both AOL and CompuServe passwords are in clear text, they
> told the Katt. This makes it relatively easy for any
> sniffer-type software to collect these passwords, they
> contend. Spence hears the next revision of AOL will
> include encrypted passwords.

---------------------------------

Don't look for any high-performance Java apps (read: "video games") any time
soon. Developers who've asked Sun for access to video frame buffers have been
given a flat no, Spence hears. Seems that if Java provides a pointer to the
frame buffer, it would be an open door to just about any other memory location
in a system.Once you have a pointer, you have a pointer. The opportunity for
system hackers to stomp around in your personal PC would be enormous.

...

The Northwest got a major windstorm on Dec. 12, and some of the media were
starting to call it Wind 95, noting its likeness to a different Northwest
product, said one anti-MS tipster. The two had similarities, such as Wind 95
was a major (for the region) event of the decade, it was late in arriving,
there was lots of media coverage, it left a lot of people in the dark, and it
was a mess to clean up.