"A few months ago at an NLUG meeting, I jokingly asked a
presenter to reveal his root password to the assemblage, adding
"it's just us, we won't tell anybody." The "us" in this case
referred to the 50 or so people in the room, and we had a chuckle
while the presenter wisely decided against giving us his
"The point of this story is something that we all know to be
obvious: the level of secrecy afforded a piece of information by a
recipient of that information is directly related to the way in
which the secret piece of information is passed along. A
password freely given to all in a user group meeting wouldn't be
held in much confidence by the people present; they wouldn't really
consider it a secret."
"Likewise, it's difficult for anyone to consider a document to
be a trade secret if it's posted on a website for anybody to freely
download. Yet this is precisely the manner in which Microsoft is
distributing their "Microsoft Authorization Data Specification v.
1.0 for Microsoft Windows 2000 Operating Systems," which we know is
nothing more than a slightly modified version of Kerberos."