On Wed, 25 Feb 2004, Seak, Teng-Fong wrote: > Talking about security, there's one severe bug that needs to be > corrected. Months ago, someone reported that even though we could > define a long password, but the effective number of letters is only 8 > (eight)! > > I've tested with VNC 4b4 and the bug is still there. Could > someone take a look into it?
An aside: Solaris always worked this way too, but they seem to have fixed the problem in Solaris 9: http://www.computing.net/solaris/wwwboard/forum/4081.html Too late for me though - I think I'm going to go with Linux henceforth! > On the other hand, it would nice if it is possible to define the > password without GUI. Those who have used RSA would see what I'm > thinking about. I'm thinking about a similar system. On the server > side, I could use an algorithm to generate a random password every n > minutes for VNC. On the client side, I could use the same algo to give > me the password. This way, brute force hacking risk could be reduced > tremendously. That's a neat idea, so long as you only want to connect from one machine and they two machines have well-synced clocks! Mike _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
