Skip

The Death of TCP/IP?

August 3, 2001 9:45 PM   Subscribe

The Death of TCP/IP?
An interesting (if not paranoid) article about internet security and Windows XP. Leaves me wanting to know more. [continued inside]
posted by Hackworth (10 comments total)

 
While I must admit that I don't know enough about TCP/IP to take a solid stance on this article, I do think that raw socket access doesn't sound like a good idea, and it concerns me. Any one with better insight care to shed some light on the issue?
posted by Hackworth at 9:45 PM on August 3, 2001


I still contend that Gibson is an alarmist hack. Cringley should have read some of the stuff at the register for some balance.
posted by machaus at 9:56 PM on August 3, 2001


socket access doesn't sound like a good idea

This is anti-MS hocus-pocus. First, the bashers complained because Windows was the first major platform that ran TCP/IP and didn't support raw sockets. Now they're complaining because it does.

What's being presented as a huge danger is merely the full implementation of the TCP/IP protocol. I don't think you can find a version of Unix that doesn't have raw sockets.

Ev had a good quick refutation, and, as ever, Rafe breaks it down.

I find it hard to believe that Cringely, or any of the people who agree with his bizarre assertions in this article, are using anything other than paranoia and blind hatred of Microsoft to justify their theories that Microsoft's attempts to fully and completely implement an open standard are somehow nefarious and evil.
posted by anildash at 9:56 PM on August 3, 2001


just closinga tag here.
posted by kathryn at 9:59 PM on August 3, 2001


Check out Steve Gibson's hyperbolic analysis of Windows XP Raw Sockets support.
posted by shinybeast at 10:22 PM on August 3, 2001


what is this superfluous junk about an "internet ID"? does cringely not understand what an IP address is? he mentions them in his column, for crying out loud!

Cringely writes that "It does not have to have personal information, but if you break the law it can be traced to you."

maybe he thinks anonymizing services are evil, or something, but you don't think they won't cough up their logs if the police are looking into illegal activity? and if you don't use an anonymizing service, your IP is certainly traceable. about the only time that becomes dicey is when you deal with a fairly well-prepared cracker, who may be logging into a large number (say 10 or more) machines, one into the other into the other, via ssh to cover his tracks.

not to mention that, in a lot of cases, requiring such an ID would require revisions to most existing internet protocols -- in the example above, telnet and ssh would both need to be revised such that they pass on this internet ID to the server on the other side. talk about a pipe dream.
posted by moz at 10:40 PM on August 3, 2001


Ah, I knew it couldn't be that bad. Thanks for quelling my fears :)
posted by Hackworth at 11:56 PM on August 3, 2001


Nah, there are plenty of real and true things to bash Microsoft about. This ain't one of em. What Anil says about TCP.IP and Unix is true. We (in the Unix world) all have direct access to raw sockets.

And Cringley? He's well known for writing a lot of bullshit and passing it off as journalism...
posted by fooljay at 12:56 AM on August 4, 2001


My Mac crashed just as I was reading this article. I though the whole thing was a joke/virus or something.
posted by ParisParamus at 5:00 AM on August 4, 2001


I think the way that Thawte does their personal encryption certificates (You sign up, find two to three people in your area who are already trusted members, and they sign off that you're who you say you are and you get a certificate for free, or whatever the trusted members charge to sign off on you) will take off if people ever become concerned about what this guy is concerned about.
posted by SpecialK at 11:19 PM on August 4, 2001


« Older Yahoo! Mail adds offers mailto: support.   |   Can someone, anyone, please help Eric? Newer »


This thread has been archived and is closed to new comments



Post