On 10/07/2010 12:10 PM, Bernie Cosell wrote:
There's no way to tell if you used the
first password that you didn't decrypt everything.
Is there a way to prove that you did?
If yes, your jailers may say We know you have more self-incriminating
evidence there. Your imprisonment will continue
On 10/06/2010 01:57 PM, Ray Dillinger wrote:
a 19-year-old just got a 16-month jail sentence for his refusal to
disclose the password that would have allowed investigators to see
what was on his hard drive.
I am thankful to not be an English subject.
I suppose that, if the authorities could
On 09/30/2010 10:41 AM, Thor Lancelot Simon wrote:
On Wed, Sep 29, 2010 at 09:22:38PM -0700, Chris Palmer wrote:
Thor Lancelot Simon writes:
a significant net loss of security, since the huge increase in computation
required will delay or prevent the deployment of SSL everywhere.
That would
On 09/27/2010 08:26 PM, Rose, Greg wrote:
On 2010 Sep 24, at 12:47 , Steven Bellovin wrote:
Per
http://news.softpedia.com/news/New-Trojan-Steals-Digital-Certificates-157442.shtml
there's a new Trojan out there that looks for a steals Cert_*.p12
files -- certificates with private keys. Since
On 09/13/2010 07:24 PM, Ian G wrote:
On 11/09/10 6:45 PM, f...@mail.dnttm.ro wrote:
Essentially, the highest risk we have to tackle is the database.
Somebody having access to the database, and by this to the
authentication hashes against which login requests are verified,
should not be able to
On 09/14/2010 09:13 AM, Ben Laurie wrote:
On 14/09/2010 12:29, Ian G wrote:
On 14/09/10 2:26 PM, Marsh Ray wrote:
On 09/13/2010 07:24 PM, Ian G wrote:
1. In your initial account creation / login, trigger a creation of a
client certificate in the browser.
There may be a way to get
On 09/06/2010 09:49 PM, John Denker wrote:
If anybody can think of a practical attack against the randomness
of a thermal noise source, please let us know. By practical I
mean to exclude attacks that use such stupendous resources that
it would be far easier to attack other elements of the
On 09/07/2010 12:58 PM, John Denker wrote:
On 09/07/2010 10:21 AM, Marsh Ray wrote:
If anybody can think of a practical attack against the randomness
of a thermal noise source, please let us know. By practical I
mean to exclude attacks that use such stupendous resources that
it would be far
On 09/07/2010 02:18 PM, Perry E. Metzger wrote:
The question is, can you make it more expensive to do that than to,
say, buy a new parking card or whatever else the smart card is being
used for. If the attack is fairly cheap and repeatable and yields
something reasonably valuable, you have a
On 09/03/2010 03:45 AM, Ben Laurie wrote:
That's the whole point - a hash function used on an arbitrary message
produces one of its possible outputs. Feed that hash back in and it
produces one of a subset of its possible outputs. Each time you do this,
you lose a little entropy (I can't
10 matches
Mail list logo
