Re: Maybe It's Snake Oil All the Way Down
On Wed, Jun 04, 2003 at 07:15:13PM -0400, John Kelsey wrote: | At 03:50 PM 6/3/03 -0700, Eric Blossom wrote: | ... | GSM and CDMA phones come with the crypto enabled. The crypto's good | enough to keep out your neighbor (unless he's one of us) but if you're | that paranoid, you should opt for the end-to-end solution. The CDMA | stuff (IS-95) is pretty broken: *linear* crypto function, takes 1 | second worst case to gather data sufficient to solve 42 equations in | 42 unknowns, but again, what's your threat model? Big brother and | company are going to get you at the base station... | | Big brother has a limited budget, just like the rest of us. If he has to | produce a warrant or tap a wire somewhere to listen in on me, he probably | won't bother. | | The only thing protecting my cellphone calls right now is trivially-broken | encryption, the need for some moderately expensive equipment, and some laws | prohibiting cellphone eavesdropping. That means that some bad guys may be | eavesdropping now, and there's no telling how many bad guys will be doing | so tomorrow. Nobody here knows how much eavesdropping is being done, More bad guys will be listening tomorow, because SDR and Moore's law will drive down the cost. At some point, we'll hit a knee in the curve, and cell phones will be either made more secure, or we'll live with the fact that all our calls are being listened to, much like the Brits are always on video. Adam -- It is seldom that liberty of any kind is lost all at once. -Hume
Why is there a solution, Declan?
Declan interviews Bruce Sterling, on news.com.com.com: http://news.com.com/2008-1082_3-1010864.html?tag=fd_nc_1 -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: The Streisand imagecriminal lives 2-3 parcels away from me
On Tue, Jun 03, 2003 at 11:00:07AM -0400, Sunder wrote: | That's all nice and good, but why should it be on cypherpunks? Where's | the relevance to this list? Why is Ken, or his addres or helipad an | interest to the cypherpunks? Why is PGE's monopolistic's actions against | him relevant to the topics of this list? | | What's next? The Cypherpunk Equirer? We can hope they return. http://www.haven.boston.ma.us/~benji/wheels.html http://cypherpunks.venona.com/date/1997/03/msg00102.html -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: Maybe It's Snake Oil All the Way Down
The assumption that having cracked a cipher leads to can make lots of money from the break is one held mostly by those who have never attacked real systems, which have evolved with lots of checks and balances. The very best way to make money from cracking ciphers seems to be to patent the break, and the fixes, and then consult to those who use the cipher, because they need your expertise to fix their systems. P. may have a patent on this method. Adam On Sun, Jun 01, 2003 at 07:05:44PM -0400, Scott Guthery wrote: | Suppose. Just suppose. That you figured out a factoring | algorithm that was polynomial. What would you do? Would | you post it immediately to cypherpunks?Well, OK, maybe | you would but not everyone would. In fact some might | even imagine they could turn a sou or two. And you can | bet the buyer wouldn't be doing any posting. With apologies | to Bon Ami, Hasn't cracked yet is not a compelling security | story. | | Cheers, Scott | | -Original Message- | From: Rich Salz [mailto:[EMAIL PROTECTED] | Sent: Sun 6/1/2003 6:16 PM | To: Eric Rescorla | Cc: Scott Guthery; cypherpunks; [EMAIL PROTECTED] | Subject: Re: Maybe It's Snake Oil All the Way Down | | | |There are a number of standard building blocks (3DES, AES, RSA, HMAC, |SSL, S/MIME, etc.). While none of these building blocks are known |to be secure .. | | So for the well-meaning naif, a literature search should result in no | news is good news. Put more plainly, if you looked up hash and didn't | find news of a SHA break, then you should know to use SHA. That assumes | you've heard of SHA in the first place. | | Perhaps a few best practices papers are in order. They might help | the secure (distributed) computing field a great deal. | /r$ | -- | Rich Salz Chief Security Architect | DataPower Technology http://www.datapower.com | XS40 XML Security Gateway http://www.datapower.com/products/xs40.html -- It is seldom that liberty of any kind is lost all at once. -Hume
Clipper
/. has a link to a story on Clipper doc's FOIA by unnamed parties. http://www.newsmax.com/archives/articles/2001/5/14/203404.shtml U.S. Considered Sharing Security Secrets With China, Syria, Pakistan The newly released documents shows that the Clinton administration considered sharing secret Clipper surveillance keys with China and other hostile powers in order to monitor worldwide communications for law enforcement purposes. Anyone know who FOIA'd the documents, or where we can see the originals? Adam -- It is seldom that liberty of any kind is lost all at once. -Hume
