On 13/07/13 09:32 AM, Peter Gutmann wrote:
> William Yager <[email protected]> writes:
>
>> no cryptographer ever got hurt by being too paranoid, and not trusting your
>> hardware is a great place to start.
>
> And while you're lying awake at night worrying whether the Men in Black have
> backdoored the CPU in your laptop, you're missing the fact that the software
> that's using the random numbers has 36 different buffer overflows, of which 27
> are remote-exploitable, and the crypto uses an RSA exponent of 1 and AES-CTR
> with a fixed IV.


;)  has everyone had a read of this:

http://www.infoworld.com/d/security/in-his-own-words-confessions-of-cyber-warrior-222266



iang



ps, my comments here:
http://financialcryptography.com/mt/archives/001439.html
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
