Feds, industry battle the biggest network bug (The Register)

[Pam R]

On Wednesday 12 June 2002 8:35 pm, Terence McCarthy wrote:
> This story (http://www.theregister.co.uk/content/55/25693.html) talks about
> the ASN.1 problems. To a neophyte of the protocols etc., of the internet it
> seems worrying: to a computer user the following is frightening:
>
> "So severe are the potential ramifications of widespread ASN.1 security
> holes, that President Bush was personally briefed on the matter, according
> to cyber security czar Richard Clarke, speaking at a meeting of the
> National Security Telecommunications Advisory Committee (NSTAC) last
> March."
>
> Then:
>
> "With that mandate, Howard Schmidt, FORMER MICROSOFT SECURITY CHIEF (my
> caps) and newly-appointed vice chairman of the President's Critical
> Infrastructure Protection Board, created a full-time "Cyber Interagency
> Working Group" in February to examine the government's vulnerability to
> ASN.1 implementation holes."
>

And another quote from the story:
"Additionally, programmers often borrow and reuse code from prior 
implementations of a protocol, or from open-source software, taking the flaws 
along with it. "

Naughty naughty programmers to be relying on open-source rubbush.

Pam
--
Tony Blair and Bill Gates are my heroes.