On Thu, Apr 30, 2015 at 3:14 PM, John Young j...@pipeline.com wrote:
Matt Blaze testified yesterday at the House hearing on encryption
http://oversight.house.gov/wp-content/uploads/2015/04/4-29-2015-IT-Subcommittee-Hearing-on-Encryption-Blaze.pdf
Others too:
On Thu, Jan 8, 2015 at 6:35 PM, Jon Callas j...@callas.org wrote:
Well, I'll be. I am on a Gogo-enabled flight even as we squeak, and I just
turned my VPN off to go get you one of their certs. They're letting me get
to YouTube and Vimeo just fine now. I guess someone got some sense. It was
On Thu, Nov 14, 2013 at 5:57 PM, Ben Laurie b...@links.org wrote:
On 14 November 2013 03:29, shawn wilson ag4ve...@gmail.com wrote:
This is the only thing I've seen (haven't really looked):
http://stricture-group.com/files/adobe-top100.txt
I have to ask: snoopy1 more popular than snoopy?
On Fri, Aug 16, 2013 at 11:42 AM, Tony Arcieri basc...@gmail.com wrote:
On Fri, Aug 16, 2013 at 6:32 AM, shawn wilson ag4ve...@gmail.com wrote:
I thought that decent crypto programs (openssh, openssl, tls suites)
should read from random so they stay secure and don't start generating
On Fri, Aug 16, 2013 at 12:03 PM, Tony Arcieri basc...@gmail.com wrote:
On Fri, Aug 16, 2013 at 8:47 AM, Patrick Mylund Nielsen
cryptogra...@patrickmylund.com wrote:
Not for nothing, but that refers to both random and urandom, showing one
problem with the entropy estimation, and another
On Fri, Aug 16, 2013 at 3:30 PM, Tony Arcieri basc...@gmail.com wrote:
On Fri, Aug 16, 2013 at 9:18 AM, Patrick Mylund Nielsen
cryptogra...@patrickmylund.com wrote:
Yes, but they aren't talking about urandom. Your reply made it sound like
random is weak, but the paper points to both
On Fri, Jul 12, 2013 at 3:29 PM, ianG i...@iang.org wrote:
On 12/07/13 21:54 PM, Patrick Mylund Nielsen wrote:
On Fri, Jul 12, 2013 at 2:48 PM, James A. Donald jam...@echeque.com
mailto:jam...@echeque.com wrote:
On 2013-07-13 12:20 AM, Eugen Leitl wrote:
It's worth noting
On Fri, Jul 12, 2013 at 2:48 PM, James A. Donald jam...@echeque.com wrote:
On 2013-07-13 12:20 AM, Eugen Leitl wrote:
It's worth noting that the maintainer of record (me) for the Linux RNG
quit the project about two years ago precisely because Linus decided to
include a patch from Intel to
On Sat, Jul 13, 2013 at 1:38 AM, William Yager will.ya...@gmail.com wrote:
not trusting your hardware is a great place to start.
Heh, might as well just give up. http://cm.bell-labs.com/who/ken/trust.html
(I know what you meant, just couldn't resist.)
On Fri, Jul 12, 2013 at 7:20 PM,
It is a good thing that Swartz killed himself, like his hero Wallace.
Both of them needed killing.
This is the stupidest thing I have read in a long time. Shut the fuck up.
It is Jewish leftists like Rahm Israel Emanuel that seek the destruction
of Israel.
Israel is disliked in most countries
To rephrase, I don't understand why anyone would push their /home/user /
backup git repository to a public one on GitHub :)
On Mon, Jan 28, 2013 at 3:49 AM, ianG i...@iang.org wrote:
On 28/01/13 05:36 AM, Eitan Adler wrote:
On 27 January 2013 21:34, Patrick Mylund Nielsen
cryptography
I don't understand how you can accidentally check in ~/.ssh to your
repository, or at least not notice afterwards. Hopefully the OpenSSL
authors won't do that!
On Sun, Jan 27, 2013 at 9:29 PM, d...@geer.org wrote:
offtopic to list purpose, but perhaps timely to this thread
I would be happy to volunteer to move everything to Github. But it really
is really, really easy to do, and the maintenance required is minimal. That
or git+redmine or git+JIRA would be my suggestion.
On Tue, Oct 30, 2012 at 3:28 PM, Ben Laurie b...@links.org wrote:
On Tue, Oct 30, 2012 at 2:21
:
Thank god...
On Oct 30, 2012 7:50 AM, Ben Laurie b...@links.org wrote:
On Tue, Oct 30, 2012 at 2:39 PM, Patrick Mylund Nielsen
cryptogra...@patrickmylund.com wrote:
I would be happy to volunteer to move everything to Github. But it
really is
really, really easy to do, and the maintenance
Related:
https://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
On Wed, Oct 10, 2012 at 10:26 PM,
travis+ml-rbcryptogra...@subspacefield.org wrote:
On Wed, Oct 10, 2012 at 08:56:29PM +0100, Patrick Mylund Nielsen wrote:
One
Hah. I'm surprised the term security theater wasn't coined earlier!
On Wed, Oct 10, 2012 at 9:29 PM, Warren Kumari war...@kumari.net wrote:
On Oct 10, 2012, at 3:56 PM, Patrick Mylund Nielsen
cryptogra...@patrickmylund.com wrote:
One thing that I've sadly seen more times than I can shake
It's interesting how the level of technical expertise of an organization's
members seems to have almost no bearing on how sophisticated the
organization's infrastructure is.
On a related note, I was recently surprised to learn that even the IACR
stores passwords in plain text.
On Tue, Sep 25,
One curious note is that NIST recommends PBKDF2 for master key derivation,
and specifically write, The MK [PBKDF2 output] shall not be used for other
purposes. Perhaps the document was meant to document just KDFs. Since the
hashes are one-way anyway, I don't see it making a difference for use as
18 matches
Mail list logo