POV-Ray: Newsgroups: povray.off-topic: Is this the end of the world as we know it?: Re: Is this the end of the world as we know it?

POV-Ray : Newsgroups : povray.off-topic : Is this the end of the world as we know it? : Re: Is this the end of the world as we know it?		Server Time 30 Jul 2024 18:15:18 EDT (-0400)

From: Invisible
Date: 18 Oct 2011 04:12:35
Message: <4e9d34f3$1@news.povray.org>

On 17/10/2011 07:10 PM, Darren New wrote:

> Um, lots, yes. You think there haven't been any new internet protocols
> since mid-1990's?

Basically, yes?

>> 3. Since old versions of Windows send everything unencrypted, you would
>> think that means that new versions have to send everything unencrypted
>> too,
>> for the sake of backwards compatibility.
>
> Unless the protocol was invented after SSL, at which point there is no
> backward compatibility requirements with pre-encryption protocols.

Active Directory uses Kerberos authentication, but by default it still 
generates weak-arse LANMAN password hashes for backwards compatibility. 
So it doesn't matter how strong Kerberos may or may not be, because you 
can just attack LANMAN instead.

That's just one example of how backwards compatibility tends to 
completely ruin any attempt at security.

Post a reply to this message