> Since we all know telnet is horrible in this day and age, why isn't it > dropped entirely? > them find another way. Shouldn't we just end the debate and > get rid of it?
If the OS vendors are prepared to supply an alternative client capable of supporting encrypted traffic with their operating systems free of charge, then you have a prayer of doing this. BTW, the free client has to be supported on every platform and work with every customized environment that IT departments dream up, including the ones that disable Java and Javascript by default, and on operating systems that don't have a working Java implementation yet. That's why telnet still exists, and why it's still necessary to have it. I do find it interesting that while most of the Linux vendors now ship their distributions with only ssh turned on, many of the other OSes still ship with cleartext telnet as the default, including z/OS, AIX and z/VM. I wonder whether anyone at IBM has considered shipping Host on Demand by default with *every* OS and closing down the cleartext telnet on the default systems on all the eServer platforms. They can't be making that much money on HOD, and it'd be a significant statement about taking responsibility for security that MS and Sun aren't making. -- db
