Hi,
On Thu, 22 Feb 2007, Anthony Liguori wrote:
> Johannes Schindelin wrote:
> >
> > On Thu, 22 Feb 2007, Luke-Jr wrote:
> >
> > > Yes. The authentication is not really secure. It only uses 16 bits if I
> > > remember correctly, so even without access to <filename>, it can be
> > > easily broken.
> > >
> > > The common practice is to block after 3 attempts, but there are ways
> > > around that, too.
> > >
[Why do you quote me as if Luke was quoted?]
> For all practical purposes, it's a plain-text equivalent authentication
> mechanism. However, it's widely supported, and provides a useful
> feature so it's worth supporting.
This invariably leads to user confusion. ("But I _did_ use encryption?
What do you mean, it is not encrypted, and the handshake is weak?")
Ciao,
Dscho
BTW Anothony, now that I already have you on the subject of VNC, do you
have any plans on making the documentation on
http://www.realvnc.com/docs/rfbproto.pdf a little more useful for the
extensions you registered?
_______________________________________________
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel
