http://lwn.net/Articles/191100/ This is a special feed containing comments posted to the individual LWN article titled "Wireless networking driver vulnerabilities". hourly 2 http://lwn.net/Articles/191351/rss 2006-07-14T08:38:35+00:00 eskild Hahaha, didn't catch that when I wrote it 8-) Thanks, your comment made me laugh.<br> <p> Re. Cobol: I think someone once said something along the lines of: "The mistakes we make will come back to haunt us, indefinitely." Well, maybe not indefinitely, but for a long while; decades. It's funny how we always underestimate how long our systems remain in production use. Technology is very uneven that way: Some (albeit few) people still run on VAX machines today, but we sometimes worry that we won't be able to read our digital content 10 years from now because of newer formats replacing the old. It's very hard to predict what has longevity and what hasn't.<br> http://lwn.net/Articles/191254/rss 2006-07-13T17:12:47+00:00 smitty_one_each From TFA:<br> <font class="QuotedText">&gt;They also examined other networking technologies including Bluetooth, Ev-Do (EVolution-Data Only), and HSDPA (High Speed Downlink Packet Access). </font><br> <p> The article wasn't clear whether or not the attacks used were staged against encrypted 802.11g networks.<br> <p> http://lwn.net/Articles/191221/rss 2006-07-13T14:45:04+00:00 mmarsh <pre> > That's a huge windows of vulnerability. ^^^^^^^ </pre> <p> Freudian slip? </p> <p> I actually heard an add on the radio recently for a company looking to hire Cobol programmers. </p> http://lwn.net/Articles/191215/rss 2006-07-13T14:08:36+00:00 eskild I think some of the reasons why securty lessons don't seem fully applied to new designs are:<br> <p> * It is really, really hard to do a good, secure design<br> * It thus takes a lot of time and effort to do<br> * But customers want "feature X" NOW, NOW, NOW, or that's at least what everybody seems to think<br> <p> Who wins? Money wins: Provide a product ASAP, even if security is mediocre, and sell tons of units. Sad part is that the customers are the ones to suffer at the end.<br> <p> Another observation is this: If a product/design with lousy security gets "first-mover" advantage in a market and sales booms, then it may live for years, perhaps decades, before being replaced with something better. That's a huge windows of vulnerability. Think Telnet, FTP, and any clear-text protocol you may care to mention. They're still with us, even though they should have been put to rest years ago. Think wireless WEP security -- "wired equivalent" security, anyone?! OMG! (On a sadistic note, think Fortran, think Cobol! (OK, Only kidding! ;-))<br> <p> Enough ranting. Thanks for reading.<br>