![[Creative
Commons License - You may reuse my original content from this site non-commercially, with attribution.]](https://www.penmachine.com/images/somerights.gif){kind=small}
![[RSS syndication feed]](https://www.penmachine.com/images/rssfull.gif){kind=small}
![[RSS comments feed]](https://www.penmachine.com/images/rss_comments.gif){kind=small}
![[Penmachine Podcast]](https://www.penmachine.com/images/rsspodcast.gif){kind=small}
![[Powered by Blogger]](https://www.penmachine.com/images/blogger_button.gif "Blogger powered"){kind=small}
![[Powered by BlogRolling]](https://www.penmachine.com/images/blogrolling_button.gif "Blogrolling makes the link list"){kind=small}
![[Layout with CSS and no tables]](https://www.penmachine.com/images/css_tableless.gif){kind=small}
![[Viewable with any browser]](https://www.penmachine.com/images/allbrowsers_button.gif){kind=small}
![[Meets U.S. Section 508a accessibility guidelines]](https://www.penmachine.com/images/sec508a.gif){kind=small}
![[Weblog Commenting by HaloScan.com]](https://www.penmachine.com/images/haloscan.gif){kind=small}
TCP Internet bug whazzit?
Permalinks to this entry: individual page or in monthly context. For more material from my journal, visit my home page or the archive.
Attempts to explain the recent TCP Internet vulnerability have been hampered by its obscurity. It's pretty hard to talk about something that could affect a wide swath of the Internet, but that involves the kinds of technical minutiae that took dozens of PhDs years to formulate in the first place.
Glenn Fleishman of TidBITS, however, does an excellent job of outlining the whole thing today. I particularly like this part:
Before 2001, researchers [...] viewed [the problem] as a guess-what-number-I'm-thinking game, where the number guessed turned out to always be wrong.
In 2001, researchers discovered new information about the problem that made them change the game. It became, "I'm thinking of a number between one and four billion." It would take four days to four years to win that game randomly, they said.
Now, however, the latest weakness could be stated as, "I'm thinking of a billion numbers between one and four billion. Guess any one of those." Computationally, it's a much easier problem to solve, with probabilities as high as 1 in 4.
