RE: [PHP] crack lib
Hey, what is everyone talking about? What is the new crack lib functionality? Is it in the docs yet? TIA Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] crack lib
* Johnson, Kirk ([EMAIL PROTECTED]) [Dec 28. 2001 10:54]: Hey, what is everyone talking about? What is the new crack lib functionality? Is it in the docs yet? http://download.php.net/manual/en/ref.crack.php http://www.zugeschaut-und-mitgebaut.de/php/extension.crack.html -- Brian Clark | Avoiding the general public since 1805! Fingerprint: 07CE FA37 8DF6 A109 8119 076B B5A2 E5FB E4D0 C7C8 STATUS QUO is Latin for the mess we're in. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] crack lib
If the crack lib functions are for cracking passwords or other non commerce/offensive/hacker efforts, I strongly object to their inclusion in the functions of PHP. The PHP/Apache community does not need to give the gates/microsoft/.net community any ammunition for bad publicity. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] crack lib
On Thu, 2001-12-27 at 19:12, Dennis Gearon wrote: If the crack lib functions are for cracking passwords or other non commerce/offensive/hacker efforts, I strongly object to their inclusion in the functions of PHP. The PHP/Apache community does not need to give the gates/microsoft/.net community any ammunition for bad publicity. Object away. They exist because they exist and are useful. The concepts have been around for years and are easily implemntable in any programming language. That's the value and risk of freedom - it cuts both ways. Billy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] crack lib
This could easily and quickly lead to a philosophical argument about the merits of such software/libraries/etc. Is the best way to secure software and hardware to take away the resources to try to break them? This only leads to more and more poor programming. As long as these tools are out there, it should keep all of us on our toes, and programming with security constantly on our minds. Removing those functions give the gates/Microsoft/.net community an excuse to keep programming the way they have always been. -Original Message- From: Billy Harvey [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 27, 2001 4:29 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] crack lib On Thu, 2001-12-27 at 19:12, Dennis Gearon wrote: If the crack lib functions are for cracking passwords or other non commerce/offensive/hacker efforts, I strongly object to their inclusion in the functions of PHP. The PHP/Apache community does not need to give the gates/microsoft/.net community any ammunition for bad publicity. Object away. They exist because they exist and are useful. The concepts have been around for years and are easily implemntable in any programming language. That's the value and risk of freedom - it cuts both ways. Billy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] crack lib
I also subscribe to the opinions against your objection. David has a very good point I would've made hadn't he beat me to it: As long as these tools are out there, it should keep all of us on our toes, and programming with security constantly on our minds. Bogdan Dennis Gearon wrote: If the crack lib functions are for cracking passwords or other non commerce/offensive/hacker efforts, I strongly object to their inclusion in the functions of PHP. The PHP/Apache community does not need to give the gates/microsoft/.net community any ammunition for bad publicity. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] crack lib
On Thu, 27 Dec 2001 16:12:06 -0800 Dennis Gearon [EMAIL PROTECTED] mentioned: If the crack lib functions are for cracking passwords or other non commerce/offensive/hacker efforts, I strongly object to their inclusion in the functions of PHP. The PHP/Apache community does not need to give the gates/microsoft/.net community any ammunition for bad publicity. Crackers won't be using php to crack passwords. What cracklib can do in php is allow web applications to be developed for ensuring the security of your password files. When you have a system with over 500 passwords on it, I guarantee that many of them will be easily crackable. Good system administrators run their password files through crackers from time to time for the purpose of ensuring that if the root account is compromised, that it would extremely difficult for the cracker to get passwords that belong to users (passwords that the users will very likely use on other machines- and very likely use again on the compromised system). There is nothing wrong with php being used for this purpose. There is nothing wrong with a php wrapper to cracklib. That's what php is, btw. primarily- A wrapper language. They don't develop cracklib- php just can be used as a wrapper to it. I don't like politics and coding mixing. And I don't think something should be left out due to politics. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]