some oppportunist some where, will take advantage of the market and sell
strong crypto. even if he has to move to a "crypto free port".
there will always be conflicting interests, national interests, that
will allow for sale of contraband in another country. this includes
crypto contraband.
"Are there so many foreign crypto products that any regulation by only one
country will be easily
circumvented? Or has the industry consolidated around only a few products made by
only a few countries, so that effective regulation of strong encryption is
possible?"
your questions are very
Does anyone have any thoughts on the randomness of the Java random
number generator?
Thanks.
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 12/20/2015 2:14 AM, Jeffrey Goldberg wrote:
The problem you address is certainly real. And a lot of people have
looked at various approaches over the decades. None, so far, is fully
satisfactory. (I obviously believe that a well designed password
manager is the best solution for most people
e password file being compromised by having a password captured, is
reduced or minimalized.
On 12/20/2015 6:20 AM, Givon Zirkind wrote:
1. The generated password may not confirm to the requirements of the site or
service.
2. You cannot change the password a site if, say, there is a brea
On 12/18/2015 6:35 PM, Ondrej Mikle wrote:
1) No matter how strong your password is, it will leak if you reuse it, because
attackers hack badly secured sites/databases - this is in no way surprising, but
it's "new" to non-tech-savvy people.
constantly or periodically changing your master
i've been researching this subject with little results. is it possible
to some how include a virus in a font? otf or ttf?
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
There is baseless hatred. Which is based on irrational ideas. Such hate
is basically neurotic. No amount bicycles will change that. Which is
why the idea of Christian love vs. Islamic Jihad is so ridiculous.
Ppl do think about terrorism differently and make irrational decisions.
Which is
the logical choice, as absurd as it may seem, is actually 3. allow for
the occassional terrorist success.
because, empirically, it works that way. it does happen from to time
even with all our current measures. and, intuitively, the high level
surveillance doesn't catch these ppl anyway.
perhaps a silly question. but, can ISIS or others embed virues and
trojans in their pdfs?
i mean assuming u r downloading a pdf and not spoofed to an exe or self
loading something.
i am curious about some of their literature. but, not interested in the
time it might take to cleanup after a
Were it not for the intellectual stimulation of working with crypto,
i think that's the only real reason to work with crypto.
On 11/20/2015 10:09 A
M, Arshad Noor wrote:
On 11/20/2015 04:42 AM, Notify wrote:
If crypto is the path to commercial riches, it would come as a
surprise to the
yeah, crypto is not the path to riches.
Brown, in his famous survey on maps said about alchemy, 'If one could
figure out how to turn lead into gold, what would that achieve? It
would cheapen the price of gold. Only a gov't / prince / king could use
it. If a commoner did it, he'd either be
we have always had crypto.
sign language. secret handshakes. letter and symbol codes. lingua
franca. specialized vocabularies.
three yellow flags for vegan restaurants.
certain types of architecture indicating members of religions/beliefs
and safety for slaves.
if you think of it on a
i'm in the middle of reading Bruce Schneier's lastest book, "Data and
Goliath". sheds a lot of light on this subject. very interesting
book. very insightful. a good read. i recommend it. i picked it up
to understand Google, scroogling, big data and the computer mechanics of
corporate
u have nothing to fear, if u have nothing to hide. said, the Nazis and
Communists. so, if you need workers to build a remote railway. and, no
one wants to work there. instead of offering incentives, accuse them of
crimes never committed. from all those things they didn't have to hide.
or,
imho, the crypto involved is not the issue. not having boots on the
ground, good intel, good spies who can walk and talk like the enemy, is
the real issue. there was no crypto in the false i.d. papers used to
gain entry. there is no crypto in exploiting the humanitarian aid being
given to
is it correct that [web page] cookies are trully local? is it correct,
that they are not passed to the server when a submit button is pressed
unless specifically sent. unlike [web page] form data which is
automatically passed to the server.
___
keeping something safe in the cloudinherently requires trusting a third party.
yeah, that says it all.
no access safe. access not safe.
cloud computing is good for non critical stuff and stuff you want ppl to see anyway. like your web page. even then, _javascript_ injection jacking your page,
agreed.
On 3/21/2015 5:18 PM, John Levine wrote:
Would a commonly available large binary file make a good one-time pad?
Something like ubuntu-14.10-desktop-amd64.iso12 maybe..
Unlkely for two reasons. One is that the point of a one-time pad is
that only the sender and recipient are supposed
does anyone have info on how good or what weaknesses, the javascript
random is/has?
does it work off a formula, that if u knew the formula, u could figure
out the random number generated?
thanks.
___
cryptography mailing list
this whole hulabalu about encrypted phones, its only the data on the
phone that's encrypted. not the conversations. right?
does the encryption extend to call logs?
___
cryptography mailing list
cryptography@randombit.net
have crypto ppl on staff. imho, it
won't be long before the cops will get around this encryption.
On 11/20/2014 6:08 AM, Givon Zirkind wrote:
this whole hulabalu about encrypted phones, its only the data on the
phone that's encrypted. not the conversations. right?
does the encryption
very good suggestion! i've been following this thread with interest.
relevant to a commercial product i am working on. i thought keeping the
key in the address book was the most practical idea. but, you still
have to exchange the keys. the biggest problem is the lookup for a key
in a key
this is an interesting point. since google scrougles your emails and
their aup says you agree to let them, by machine, sift through your
data, to target you for marketing--Google Analytic's targeted ads--how
receptive would Google or any freemail provider be, to an innate
encryption scheme.
A question about DES. Did anyone ever try map or graph the routes
through the S-boxes? I mean pictorially. Do the routes produce some
kind of wave or path, that have (or have not) relationships with the
other routes?
___
cryptography mailing list
i did not read the paper, but, if their model is a variant of OTP, with
a running stream cipher, it is possible, that it is non-decryptable by
method or semantically secure, or has no algorithmic decryption, only
brute force. however, as protein signalling (bio-informatics) is based
on a
26 matches
Mail list logo