Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Why is IRC still around?
From: stephane nasdrovisky <stephane.nasdrovisky () paradigmo com>
Date: Sat, 20 Nov 2004 16:45:51 +0100

Micheal Espinola Jr wrote:

Is SMTP bad?  Yes.

Why?  Because they are simple and basic protocol  implementations
Are or were ? smtp supports tls for example (I dropped irc because I have very little knowledge about it).

Not that they aren't efficient and easy, but
they certainly have their shortcomings in terms of security and AAA.
smtp supports both plaintext (login/password) and tls/certificate authentications. Configuration is not a technology issue but a sysadmin issue.

We need to move forward with technology.  Or would you rather be like
Microsoft - and attempt to be backward compatible for all-time - and
continue to use products that have fundamental flaws in them?

smtp is backward compatible with fossile like technology (sendmail comes to mind as it have a 'good' bugs record) but also 21th century technology aware (s/mime, tls). Much could be said against protocols such as rpc, ftp, telnet, iiop, http, ... but some/most of them are also supporting some somewhat new technology (encryption, authentication, ...) some of them do not add much value when used over the internet (rpc comes to mind) these are more lan protocols. Microsoft don't try to be backward compatible: w2k is not backward compatible with nt or dos, even xp sp2 is not backward compatible with xp sp1:-)

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]