On Wed, Sep 08, 2010 at 12:12:42PM -0700, [email protected] wrote: > A few things leap to mind: > > Skipjack and LEAFblower > LANMAN password hashing > http://thedailywtf.com/Articles/So-You-Hacked-Our-Site!.aspx > http://en.wikipedia.org/wiki/A5/1 > > Also "The Art of Intrusion" has a good example of bad PRNG design in cheap > Japanese slot machines.
And add to that Trillian IM crypto... I seem to recall it's using unauthenticated Diffie-Helman. Someone from the crypto list went on their forums and tried to point out the lack of authentication problem to them, and the responses indicated that the user base was rude, ignorant, and - worst of all - stubbornly refused to think they didn't know everything about crypto, going so far as to confuse PK lengths with symmetric key lengths in vehement, condescending, ignorant rebuttals. This seems to happen so often, I'm tempted to coin a phrase for the purpose. Perhaps something ironic, along the lines of: "I see I cannot teach you anything, for you already know it all." I'm hoping the peanut gallery goes away thinking you've conceded to, even complimented them, and the wise know exactly what you mean. I am reminded of an old Zen story: http://c2.com/cgi/wiki?EmptyYourCup -- I find your ideas intriguing and would like to subscribe to your newsletter. My emails do not have attachments; it's a digital signature that your mail program doesn't understand. | http://www.subspacefield.org/~travis/ If you are a spammer, please email [email protected] to get blacklisted.
pgpg7K1JAYxaw.pgp
Description: PGP signature
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
