The gist is that CIPE, vtun and tinc–three popular open-source tunneling protocols–are terribly flawed. The worst part is that these flaws have been known for years but nobody has done anything about them.
As Peter says in the posting:
At least Microsoft eventually tries to fix their stuff, given sufficient public embarrassment and the odd hundred thousand or so computers being taken out by attackers.
I love this quote too…
Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve enlightenment.