[2]
http://michael.orlitzky.com/articles/why_im_against_ca-signed_certificates.php
.
I like to state some of what you say here as website certificates are only
as trusted as the LEAST trustworthy CA in the trusted certificate store
On Mon, Sep 9, 2013 at 6:05 AM, Michael Orlitzky mich...@orlitzky.com wrote:
The CA infrastructure was never secure. It exists to transfer money away
from website owners and into the bank accounts of the CAs and browser
makers. Security may be one of their goals, but it's certainly not the
There's a lot of FUD out there and equally there is some truth. the NSA
we can decrypt everything statement was really very vague, and can
easily be done if you have a lot of taps (ala PRISM) and start doing
mitm attacks to reduce the level of security to something that is
crackable.
for
On Mon, Sep 09, 2013 at 10:36:09AM +0100, thegeezer wrote:
There's a lot of FUD out there and equally there is some truth. the NSA
we can decrypt everything statement was really very vague, and can
easily be done if you have a lot of taps (ala PRISM) and start doing
mitm attacks to reduce the
When a top-post is that long did you read it before noticing?
Well, if you opened this email, All ur base r belong to us!
:$ oops, was more focussed on my rant than the etiquette
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making them yourself, the extra
bits are free. I would assume that the NSA can crack 1024-bit RSA[1],
so why not
On 09/09/2013 02:50 AM, Adam Carter wrote:
[2]
http://michael.orlitzky.com/articles/why_im_against_ca-signed_certificates.php
.
I like to state some of what you say here as website certificates are
only as trusted as the LEAST trustworthy CA in the trusted certificate
store
On 09/09/2013 03:19 AM, Pavel Volkov wrote:
On Mon, Sep 9, 2013 at 6:05 AM, Michael Orlitzky mich...@orlitzky.com wrote:
The CA infrastructure was never secure. It exists to transfer money away
from website owners and into the bank accounts of the CAs and
On Mon, Sep 09, 2013 at 10:36:09AM +0100, thegeezer wrote:
There's a lot of FUD out there and equally there is some truth. the NSA we can
decrypt everything statement was really very vague, and can easily be done if
you have a lot of taps (ala PRISM) and start doing mitm attacks to reduce the
On Mon, Sep 09, 2013 at 04:30:31PM +0100, thegeezer wrote:
i read in slashdot that there is a question mark over SELinux because it came
from the NSA [4] but this is nonsense, as it is a means of securing processes
not network connections. i find it difficult to believe that a
i read in slashdot that there is a question mark over SELinux because it came
from the NSA [4] but this is nonsense, as it is a means of securing processes
not network connections. i find it difficult to believe that a backdoor in a
locked cupboard in your house can somehow give access
Dale wrote:
Someone found this and sent it to me.
http://news.yahoo.com/internet-experts-want-security-revamp-nsa-revelations-020838711--sector.html
SNIP
Am I right on this, wrong or somewhere in the middle?
Dale
:-) :-)
I got this in my email today.
On 09/09/2013 05:04 PM, Hinnerk van Bruinehsen wrote:
On Mon, Sep 09, 2013 at 04:30:31PM +0100, thegeezer wrote:
Interesting, I didn't realise LSM provisioned hooks for SELinux -
thought it was more modular (and less 'shoehorned') than that.
I need to go read about that some more now
On 09/09/2013 01:36 PM, Pavel Volkov wrote:
I noticed there's another GLEP which eliminates the mirror problem:
http://www.gentoo.org/proj/en/glep/glep-0058.html
It's marked as accepted. I hope they'll implement it in reasonable
time.
This
On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote:
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making them yourself, the extra
bits are free. I would assume that the NSA can crack 1024-bit RSA[1],
so
On 09/09/2013 02:07 PM, Mick wrote:
On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote:
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making them yourself,
On Monday 09 September 2013 10:00:25 Michael Orlitzky wrote:
No. There's a GLEP for some of these issues:
https://www.gentoo.org/proj/en/glep/glep-0057.html
The relevant part is,
...any non-Gentoo controlled rsync mirror can modify executable code;
as much of this code is per
On Monday 09 Sep 2013 20:24:56 Michael Orlitzky wrote:
On 09/09/2013 02:07 PM, Mick wrote:
On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote:
On 09/09/2013 01:28 AM, Mick wrote:
Are you saying that 2048 RSA keys are no good anymore?
They're probably fine, but when you're making
Someone found this and sent it to me.
http://news.yahoo.com/internet-experts-want-security-revamp-nsa-revelations-020838711--sector.html
I'm not too concerned about the political aspect of this but do have to
wonder what this means when we use sites that are supposed to be secure
and use HTTPS.
On 09/08/2013 09:33 PM, Dale wrote:
Someone found this and sent it to me.
http://news.yahoo.com/internet-experts-want-security-revamp-nsa-revelations-020838711--sector.html
I'm not too concerned about the political aspect of this but do have to
wonder what this means when we use sites
On Monday 09 Sep 2013 03:05:57 Michael Orlitzky wrote:
On 09/08/2013 09:33 PM, Dale wrote:
Someone found this and sent it to me.
http://news.yahoo.com/internet-experts-want-security-revamp-nsa-revelations-020838711--sector.html
I'm not too concerned about the political aspect of
On Monday 09 Sep 2013 02:33:48 Dale wrote:
Someone found this and sent it to me.
http://news.yahoo.com/internet-experts-want-security-revamp-nsa-revelations-020838711--sector.html
I'm not too concerned about the political aspect of this but do have to
wonder what this means when we use