Newsgroups: sci.crypt
Path: msuinfo!uchinews!linac!uwm.edu!src.honeywell.com!umn.edu!cs.umn.edu!lynx!nmsu.edu!opus!ted
From: ted@nmsu.edu (Ted Dunning)
Subject: Re: two feasible attacks on DE's software
In-Reply-To: mjr@hussar.dco.dec.com's message of 6 Feb 92 02:18:51 GMT
Message-ID: <TED.92Feb7144433@pylos.nmsu.edu>
Sender: usenet@nmsu.edu
Reply-To: ted@nmsu.edu
Organization: Computing Research Lab
References: <a_rubin.697219051@dn66> <1992Feb5.154129.4612@blaze.cs.jhu.edu>
	<TED.92Feb5173120@lole.nmsu.edu> <1992Feb6.021851.3249@decuac.dec.com>
Distribution: usa
Date: Fri, 7 Feb 1992 21:44:33 GMT


In article <1992Feb6.021851.3249@decuac.dec.com> mjr@hussar.dco.dec.com (Marcus J. Ranum) writes:

   >it _is_ necessarily more vulnerable than unix based software
   merely by >the fact that it is running under msdos.

	   Oh, horsesh**. If one has the proper privs, scanning
   terminal clists is merely an excercise in programming.

if one has the proper privs, the game is over in any case.  the
equivalent case is one in which somebody else has prior physical or
network access to your pc which is usually decidedly easier to
accomplish than breaking root on most unix system
