On Mon, Jun 06, 2005 at 07:05:23PM -0400, Steve Shockley wrote: > Ray Percival wrote: > >To start with http://www.schneier.com/pptp.html and also because I for > >one don't trust *any* security related code that I can't get the source > >for. I think I'm not alone here by any means. > > You're talking about PPTP, I'm talking about IPsec. > > >Fact of the matter is we can look at the OpenSSH code and see if the > >problems that we know about are fixed or not. You can't do that with > >closed source. So do you really want to trust your data going over a > >public network to a vendor with Microsoft's rep for getting crypto and > >security wrong? > > You're talking about MS PPTP vs. OpenSSH, I'm talking about MS IPsec VPN > vs. third-party VPN hardware (Checkpoint, Intel, Cisco). Yeah. All of that is just proof of how they don't get it and never will. I run nearly 300 site to site VPN tunnels. Try doing that with a MS built in VPN. Also I've used all of the above, very likely far more than you have, I don't trust *any* of them simply because nobody I trust has audited the code. >
-- BOFH excuse #25: Decreasing electron flux [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
