from the please-avoid-the-obvious-holes dept.
tygerstripes writes "The Register has a story about the discovery of a flaw in part of the IPv6 specification which has experts scrambling to have the feature removed, or at least disabled by default. From the article: 'The specification, known as the Type 0 Routing Header (RH0), allows computers to tell IPv6 routers to send data by a specific route. Originally envisioned as a way to let mobile users to retain a single IP for their devices... RH0 support allows attackers to amplify denial-of-service attacks on IPv6 infrastructure by a factor of at least 80.' Paul Vixie, president of the Internet Systems Consortium, described the fault bluntly. 'It can be exploited by any greedy Estonian teenager with a $300 Linux machine.'"
We can found no scientific discipline, nor a healthy profession on the
technical mistakes of the Department of Defense and IBM.
-- Edsger Dijkstra