Wireshark-dev: Re: [Wireshark-dev] performing cpu/time intensive computation in a protocol diss

From: Paolo Abeni <paolo.abeni@xxxxxxxx>
Date: Wed, 06 Aug 2008 10:20:46 +0200
hello,

On Wed, 2008-08-06 at 09:44 +0200, Sake Blok wrote:
> I don't agree with you here. For the current decrypt functions of
> Wireshark, the user add specific additional knowledge for *their*
> setup. The information needed is private and only available to
> legitimate administrators of the systems involved.
> 
> In the case of this CVE, there is no administrator giving access to
> the private information.

I really would not to start a flame here, and I'm sorry if my pour
English does not help. 

There are a couple of thinks that should be underlined: the patch does
not use any private secret, but data publicly available and which use is
well known to be strongly discouraged.

I called the code itself a "brute force" since it try different keys,
but strictly speaking it does not belong to such attack category, since
it does not walk all the key space nor a large-enough subset of said
space.

It does not 'crack passwords'; instead it identify weak keys.

cheers,

Paolo



 
 
 --
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 
 Sponsor:
 Stress da fax? Dimentica carta inceppata e toner esauriti. Invia e ricevi i tuoi fax sul PC. Scopri come!
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=8147&d=6-8