• JPJ (unregistered)

    If you intentionally weaken a cryptographic system so that some people can bypass it, you've created a system which anyone can bypass.

    This is all too easy. Simply analyze traffic according to RFC 3514, and only apply proper cryptography to all legit usecases. Problem solved.

  • no (unregistered) in reply to JPJ

    RFC 3514 is just about the stupidest idea I've ever read. It is a utopian pipe dream which may never be accomplished because of its fundamental incompatibility with how the world works. The document has no basis in anything even approaching reality, for one simple reason: There are simply too many preexisting devices which do not implement it and will never be realistically updated to conform to RFC 3514. Bolting it on after the fact in the form of an extension is impossible, the evil bit should have been in IPv4 from the very start.

  • Hans (unregistered)

    Do note the publication date of that RFC 3514.

  • (nodebb) in reply to no

    RFC 3514 is just about the stupidest idea I've ever read.

    Before saying things like this, please read the RFC very carefully, especially the date of publication. Geeeeeezussss.

  • (nodebb)

    Everybody gotta be a noob sometime. Today is no's day.

  • Vera (unregistered) in reply to Steve_The_Cynic

    I think No may be joking, given the comment about the Evil Bit at the very end.

  • (nodebb) in reply to WTFGuy

    Such a shame there's no "like" button on these "forums"...

  • Sauron (unregistered)

    JUST NERD EVEN HARDER!

  • Officer Johnny Holzkopf (unregistered)

    In the beginning, there was FILE *f1 = 0;, which should have been FILE *f1 = NULL; to illustrate that FILE * is a pointer. If you do it, do it consistently (even if it's not needed, dangerous, or plain wrong). Later on, regarding MY_FREE: Checking a pointer for not being NULL before calling free() isn't actually required. Current malloc implementations simply do nothing if you call free(NULL);, as seen in the manual, so no problem. Additionally, it seems like someone believes that calling p = NULL; will magically erase from memory whatever p has been pointing to, violating the rule that thou shalt nott touch ay pointre after free()ing... but hey, don't worry, next week they're going to build secure online banking software!
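The two points in the comment above (free(NULL) needs no guard, and p = NULL; erases nothing), as an added example that is not part of the thread or of the article's code. The helper names wipe and secure_free and the sample key are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Overwrite n bytes through a volatile pointer so the compiler cannot drop
   the stores as dead just because the buffer is about to be freed.
   Where the platform offers explicit_bzero() or memset_s(), prefer those. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Hypothetical helper: erase the contents, then release the block.
   The NULL check guards the wipe only; free(NULL) is a defined no-op. */
static void secure_free(void *p, size_t n) {
    if (p) wipe(p, n);
    free(p);
}

/* Returns 1 if the secret is still readable through a second pointer after
   the first one was set to NULL. Nothing has been freed at that point, so
   the read is well defined. Returns -1 if allocation fails. */
static int null_assignment_leaves_data(void) {
    char *key = malloc(16);
    if (!key) return -1;
    strcpy(key, "constructed-key");   /* constructed sample, 15 chars + NUL */
    char *alias = key;
    key = NULL;                       /* changes the variable, not the heap */
    int still_there = (strcmp(alias, "constructed-key") == 0);
    secure_free(alias, 16);           /* the actual erase-then-release */
    return still_there;
}

/* Returns 1 if wipe() leaves every byte of the buffer zero. */
static int wipe_clears_buffer(void) {
    unsigned char buf[16];
    memset(buf, 0xAA, sizeof buf);
    wipe(buf, sizeof buf);
    for (size_t i = 0; i < sizeof buf; i++)
        if (buf[i] != 0) return 0;
    return 1;
}

int main(void) {
    printf("data survives p = NULL: %d\n", null_assignment_leaves_data());
    printf("wipe clears buffer:     %d\n", wipe_clears_buffer());
    secure_free(NULL, 0);             /* safe without any caller-side check */
    return 0;
}
```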

  • Pabz (unregistered) in reply to Steve_The_Cynic

    I suspect that "no" understands all this and was trying to joke just as much as "JPJ". It does beg the question though - should the evil bit have been added to IPv6 from the start? :)

  • (nodebb)

    Wait, nobody has pointed out Remy's mistake yet? The function does not always return 0!

  • RLB (unregistered)

    Actually, there is something wrong with checking a pointer for NULL before freeing it: as anyone who knows C knows, free(NULL) is guaranteed to be a safe no-op.

  • (nodebb) in reply to Planar

    True enough. One time in 256 it returns 1...

  • (nodebb) in reply to RLB

    I think the guarantee about free(NULL) was a later add-on, not in the original C, so many old-timers used their own checks, and the habit persists to this day.

  • (nodebb) in reply to Barry Margolin

    I hope not, seeing as how free(NULL) is a no-op at least as long ago as C89...

