On Mon, 30 Jul 2001, Paul Onions wrote:
Indeed, my reading of the following extract defining 'encryption research'
in the DMCA seems to indicate that it is easier to prosecute someone for
exposing a vulnarability in a weak system than for a stronger system.
`(1) DEFINITIONS- For
No, it's the lack of a credible threat of such a system being put in
place. Once the system is in place it is too late to impliment crypto to
recover.
There are other similar cause-effect logic errors in your arguments as
well.
On Sat, 22 Sep 2001, Ryan Lackey wrote:
The greatest enemy of
Might try,
Modelling and Analysis of Security Protocols
P. Ryan, S. Schneider
ISBN 0-201-67471-8
Can't say it has exactly what you're looking for though.
On Thu, 1 Nov 2001, Roop Mukherjee wrote:
I have being trying to read about formally proving security protocols. I
have seen the work of
On Tue, 27 Nov 2001, Ben Laurie wrote:
Yeah right - so it sets up an outgoing connection to some webserver to
pass on the info. Firewall that.
Easy, have your firewalling software keep a list of all the connections
you allow. Each time a connection to a machine not on the list occurs it
asks
On Mon, 10 Dec 2001, John Gilmore wrote:
NSA's export controls. We overturned them by a pretty thin margin.
The government managed to maneuver such that no binding precedents
were set: if they unilaterally change the regulations tomorrow to
block the export of public domain crypto, they
On Fri, 28 Dec 2001 [EMAIL PROTECTED] wrote:
I download all of alt.anonymous.messages from the same news
server that large numbers of people post and download child
porn on.
So the traffic analysis software has your link the first couple of days.
Now all they've got to do is black bag your
As someone who spent 5 years doing all the physical security for a major
university I can say that ALL physical systems can be broken. No
exception. The three laws of thermodynamics apply to security systems as
well.
There is ALWAYS a hole.
On Thu, 21 Mar 2002, Arnold G. Reinhold wrote:
On Fri, 22 Mar 2002, Arnold G. Reinhold wrote:
I'm not sure what changes in your argument if you delete the word
physical.
I don't think you understand what that means. I was responsible for a
multi-campus (at the time the largest private system ever built) computer
controlled real-time
On Sun, 24 Mar 2002 [EMAIL PROTECTED] wrote:
or just security proportional to risk ... random refs:
There's a short coming with that view.
In order to apply realistic metrics to what that risk is (eg 1 in 100
years) one must have systems being broken in order to vet it. It's one
thing to