Hi, On Thu, 22 Feb 2007, Anthony Liguori wrote:
> Johannes Schindelin wrote: > > > > On Thu, 22 Feb 2007, Luke-Jr wrote: > > > > > Yes. The authentication is not really secure. It only uses 16 bits if I > > > remember correctly, so even without access to <filename>, it can be > > > easily broken. > > > > > > The common practice is to block after 3 attempts, but there are ways > > > around that, too. > > > [Why do you quote me as if Luke was quoted?] > For all practical purposes, it's a plain-text equivalent authentication > mechanism. However, it's widely supported, and provides a useful > feature so it's worth supporting. This invariably leads to user confusion. ("But I _did_ use encryption? What do you mean, it is not encrypted, and the handshake is weak?") Ciao, Dscho BTW Anothony, now that I already have you on the subject of VNC, do you have any plans on making the documentation on http://www.realvnc.com/docs/rfbproto.pdf a little more useful for the extensions you registered? _______________________________________________ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel