Slashdot: On Microsoft, Kerberos, Slashdot, and Trade SecretsMay 16, 2000, 22:48 (0 Talkback[s])
(Other stories by Michael Chaney)
"A few months ago at an NLUG meeting, I jokingly asked a presenter to reveal his root password to the assemblage, adding "it's just us, we won't tell anybody." The "us" in this case referred to the 50 or so people in the room, and we had a chuckle while the presenter wisely decided against giving us his password."
"The point of this story is something that we all know to be obvious: the level of secrecy afforded a piece of information by a recipient of that information is directly related to the way in which the secret piece of information is passed along. A password freely given to all in a user group meeting wouldn't be held in much confidence by the people present; they wouldn't really consider it a secret."
"Likewise, it's difficult for anyone to consider a document to be a trade secret if it's posted on a website for anybody to freely download. Yet this is precisely the manner in which Microsoft is distributing their "Microsoft Authorization Data Specification v. 1.0 for Microsoft Windows 2000 Operating Systems," which we know is nothing more than a slightly modified version of Kerberos."