Comments on: Oooh MD5 http://www.scienceaddiction.com/2005/06/16/oooh-md5/ a lot of geek. Mon, 30 Aug 2010 03:58:48 +0000 hourly 1 http://wordpress.org/?v=3.0 By: DevanJedi http://www.scienceaddiction.com/2005/06/16/oooh-md5/comment-page-1/#comment-4 DevanJedi Mon, 20 Jun 2005 21:16:47 +0000 http://www.scienceaddiction.com/2005/06/16/oooh-md5/#comment-4 I have no issue with you being impressed with the person asking the question; I have trouble with the way the story was presented on C-Net. First off, they say it was a Microsoft event- not an internal hacker con. Also the only reason we are expected to be impressed is because it's the guy in-charge of Windows (which is how C-net's Fried described the guy); if Linus Torvalds asked about MD5 people would have yawned. And yes, I have met senior management and I know how they can get; but I refuse to view Microsoft in a different light because their senior management knows enough to ask about MD5. Like I said, all of this is an issue only because we are talking about Microsoft. If the senior management of any other company was interested in a security issue, people would take it in their stride. I have no issue with you being impressed with the person asking the question; I have trouble with the way the story was presented on C-Net. First off, they say it was a Microsoft event- not an internal hacker con. Also the only reason we are expected to be impressed is because it’s the guy in-charge of Windows (which is how C-net’s Fried described the guy); if Linus Torvalds asked about MD5 people would have yawned. And yes, I have met senior management and I know how they can get; but I refuse to view Microsoft in a different light because their senior management knows enough to ask about MD5. Like I said, all of this is an issue only because we are talking about Microsoft. If the senior management of any other company was interested in a security issue, people would take it in their stride.

]]> By: Dan Kaminsky http://www.scienceaddiction.com/2005/06/16/oooh-md5/comment-page-1/#comment-3 Dan Kaminsky Mon, 20 Jun 2005 20:45:26 +0000 http://www.scienceaddiction.com/2005/06/16/oooh-md5/#comment-3 As I wrote on Slashdot... It wasn't so much the question, as the unexpected nature of it. I'd just finished talking about very different things -- video over DNS, backtunnelling through dual-hosted name servers, etc -- and it had been about 20 minutes since I'd mentioned that, *if* someone asked, I'd show what was wrong with MD5. No matter. This guy -- I had no idea who he was at the time -- heard something he needed to precisely understand, and got his answer at his first opportunity. It's kind of cool that senior management at Microsoft a) showed up at an internal hacker con and b) knew enough to not only understand what I was talking about, but was interested enough to demand more. Dude. Have you met anyone in senior management? There's a reason so many people relate to the Dilbert PHB. As I wrote on Slashdot…

It wasn’t so much the question, as the unexpected nature of it. I’d just finished talking about very different things — video over DNS, backtunnelling through dual-hosted name servers, etc — and it had been about 20 minutes since I’d mentioned that, *if* someone asked, I’d show what was wrong with MD5.

No matter. This guy — I had no idea who he was at the time — heard something he needed to precisely understand, and got his answer at his first opportunity.

It’s kind of cool that senior management at Microsoft a) showed up at an internal hacker con and b) knew enough to not only understand what I was talking about, but was interested enough to demand more.

Dude. Have you met anyone in senior management? There’s a reason so many people relate to the Dilbert PHB.

]]>