>It seems that the number of characters in the password is limited to only
>8. Is there any way of extending the number? (I'm thinking the longer the
>password the smaller the risk is of someone hacking into the VNC-computer.)
Unfortunately the 8-character limit is built into the current version of
the protocol. Better security is one of the things we were discussing a
few weeks ago, but that subject has (as usual) died. It wouldn't be hard
to simply add a better password checker to VNC - use a new authentication
number, lengthen the challenge/response and the allowable password size,
and then convince everyone to implement it in their version of the VNC
software.
The main sticking point is to try and work around some theoretical "Man in
the Middle" attacks which have been brought to our attention, and which
prove to be decidedly non-trivial to solve (the 'good' news is that the
same is true for almost every other protocol which sometimes has to be used
on an untrusted client with no permanent storage).
--------------------------------------------------------------
from: Jonathan "Chromatix" Morton
mail: [EMAIL PROTECTED] (not for attachments)
big-mail: [EMAIL PROTECTED]
uni-mail: [EMAIL PROTECTED]
The key to knowledge is not to rely on people to teach you it.
Get VNC Server for Macintosh from http://www.chromatix.uklinux.net/vnc/
-----BEGIN GEEK CODE BLOCK-----
Version 3.12
GCS$/E/S dpu(!) s:- a20 C+++ UL++ P L+++ E W+ N- o? K? w--- O-- M++$ V? PS
PE- Y+ PGP++ t- 5- X- R !tv b++ DI+++ D G e+ h+ r- y+
-----END GEEK CODE BLOCK-----
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
