Journal: News & Comment

Tuesday, April 27, 2004
# 11:05:00 AM:

TCP Internet bug whazzit?

Permalinks to this entry: individual page or in monthly context. For more material from my journal, visit my home page or the archive.

Attempts to explain the recent TCP Internet vulnerability have been hampered by its obscurity. It's pretty hard to talk about something that could affect a wide swath of the Internet, but that involves the kinds of technical minutiae that took dozens of PhDs years to formulate in the first place.

Glenn Fleishman of TidBITS, however, does an excellent job of outlining the whole thing today. I particularly like this part:

Before 2001, researchers [...] viewed [the problem] as a guess-what-number-I'm-thinking game, where the number guessed turned out to always be wrong.

In 2001, researchers discovered new information about the problem that made them change the game. It became, "I'm thinking of a number between one and four billion." It would take four days to four years to win that game randomly, they said.

Now, however, the latest weakness could be stated as, "I'm thinking of a billion numbers between one and four billion. Guess any one of those." Computationally, it's a much easier problem to solve, with probabilities as high as 1 in 4.


Journal Archive »

Template BBEdited on 29-Apr-2010

Site problems? Gripes? Angst? - e-mail
Site contents © 1997–2007 by Derek K. Miller

You may use content from this site non-commercially if you give me credit, under the terms of my Creative Commons license.

eXTReMe Tracker