September 6: Garfinkle, technologies and tales from the crypt()

In the news...

• From BugTRAQ: local exploits in libc
• Locally: breakins to 183 systems
• RSA patent released: RSA's FAQ, a slashdot story thread, and a nice explanation posted to the thread.

Fundamentals: problems, solutions

• Solution: crypt() function: 2**56 (7.2*10^16) combinations, no waiting. /etc/passwd, /etc/shadow, making things better with md5
• Problem: Buffer overflow 101: Make a variable, put too much inside. What happens? It depends. See overflow

Garfinkle chapters 1-3

• Summarize the main points
• Is Garfinkle trustable? Did he do research?
• What is his bias?
• For debate: What if consumer rights were stronger?