> http://www.msnbc.msn.com/id/39379819/ns/technology_and_science-security/
> When the rest of the world is using OpenSSL and SSH, how you gonna do > this securely? Assuming the story accurately reports the plans (which is far from guaranteed), I would say it's just another instance of someone in government deciding to mandate something without bothering to check that it's actually possible. The cryptography genie has been out of the bottle for a very long time (in computer terms); there's no way it's going back in now, especially for communication among people who are willing to ignore laws. And no, that "run only signed code" hardware won't help; even if it were magically made ubiquitous, at most it would force a layer of interpretation. Given any user programmability to speak of, it's possible to layer crypto on top of it - I could implement IDEA or Blowfish or even RSA in sh or javascript if I cared to bother, and I'm hardly alone in that. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML [email protected] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
