Whit Diffie Comments On .NET security
An Anonymous Coward writes: "Whit Diffie and Susan Landau (both of Sun Microsystems) comment on why .NET is a bad idea and is in many ways in conflict with the US political structure and ideals." This is a good read, but of course Sun has their own plans and motivations in this field.
"This is a good read, but of course Sun has their own plans and motivations in this field."
Well yes... not exactly an independent observer.
Cruise TT
I think Stealers Wheel said it best when they sang "Stuck In The Middle With You"... as, in a way, we're stuck in the middle with Sun.
Microsoft and Congress are surrounding us, working either with monopoly power or governmental force, and, though nothing truly bad has happened yet, it's only a matter of time.
This strange coalition isn't good for everyone though, and Sun is aware of that. At this point we (the Open Source People) should indeed be cautious of Sun, but not overly so. They have good reason to be with us on this, and we shouldn't be so quick to dismiss them.
Not that we should worship them either... once we beat down Passport they'll probably come up with their own worse version.
But for now... hell... they're anti-passport, and right now that's all that matters...
The fact that Microsoft software and consequently its databases can be cracked is not the issue. The issue is that Microsoft is controlling the database itself. The whole is greater than the sum of its parts in this case. The sheer political will that can be wielded by Microsoft as enabled by a universal database is frightening.
At what point do the privacy activists have to take up guns (real or virtual) to stop this shit?
They really aren't criticizing .NET languages, software, or architecture. Microsoft is positioning its passport system to collect phenomenal amounts of information about people without their knowledge. Hence, the attack on privacy.
fnord.
For more about why programs are getting less secure as time goes by, not more (and other interesting security-related topics, too), I highly recommend Secrets & Lies: Digital Security in a Networked World by Bruce Schneier. (/. had a review of it last year.)
Although Whit 'invented' Public Key Cryptography, he is not a cryptographer in the sense many on the list seem to think. He is not interested much in algorithms; of the 20-odd times I have heard him speak in public or private, I can only recall one occasion where we were discussing an algorithm, and that was in the context of the Venona decrypts.
Whit's almost exclusive interest is public policy concerning privacy and security. While Whit has probably cleared his talk through Sun's PR office, he is quite obviously the instigator of the piece.
The point he is making is much broader than .NET, as I am sure Whit will explain later on. For the time being, however, it makes tactical sense to identify the problems with newly proposed schemes even though the real exposure comes from existing databases.
What I believe Whit is up to is re-interpreting the privacy concerns of the pre-9/11 world as security threats in the post-9/11 world.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Whitfield Diffie can hardly be considered a Sun pawn, and all of the trolls implying that he is, and that this article is garbage, are just that: meaningless trolls.
Diffie is a highly respected researcher in cryptography and security. As the article points out, in a funny way, "Diffie is also the co-inventor of public-key cryptography." The Diffie-Hellman algorithm was the first publicly known instance of public-key cryptography, AND is still used today by the likes of PGP and GPG. (I say publicly known because there is some evidence that the NSA and other state security outfits in China and Britain had created or at least researched public-key cryptography. It is safe to assume that Diffie and Hellman knew nothing about these efforts, however, when they published their original paper, whose exact title I cannot remember but is something like "ideas for cryptography".)
-Frums