This post originated from an RSS feed registered with .NET Buzz by Peter G Provost. Original Post: Linux Secure Tunnel Protocols Slammed Feed Title: Peter Provost's Geek Noise Feed URL: /error.aspx?aspxerrorpath=/Rss.aspx Feed Description: Technology news, development articles, Microsoft .NET, and other stuff... Latest .NET Buzz Posts Latest .NET Buzz Posts by Peter G Provost Latest Posts From Peter Provost's Geek Noise

This post on Slashdot pointed me to this message on The Cryptography Mailing List by Peter Gutmann.

The gist is that CIPE, vtun and tinc--three popular open-source tunneling protocols--are terribly flawed. The worst part is that these flaws have been known for years but nobody has done anything about them.

As Peter says in the posting:

At least Microsoft eventually tries to fix their stuff, given sufficient public embarrassment and the odd hundred thousand or so computers being taken out by attackers.

I love this quote too...

Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve enlightenment.