Hi Michael, >From an encryption point of view, its fairly robust. In practice it depends on the algo, the mode, the padding scheme, and password length used.
A brute force attack on a AES (aka Rijndael)/256 enc bits stream using a P4/1.5Ghz/512Mb Ram would take around: passwrd len: 6 chars --360 days (63 chars no caps, caps, digits,..) passwrd len: 8 chars --4030 years passwrd len: 9 chars --252,000 years For longer password it just get exponentially lengthier and more difficult to crack. Figures above assumes that you know the password length a priory (very unlikely). Usually the weakest link is in the systems management, policies, chain of trust, and the like. Generally speaking it is easier and cheaper to penetrate the machine, break in, tampering, spoofing, intercepting (man in the middle), bribe, extort, threaten, poison, etc. It just depends on the value of your information, as the russian guy in London found out. Mario. Michael Christie wrote: > Logmein website says it uses SSL and uses 256bit encryption on data > transmitted. > https://secure.logmein.com/go.asp?page=support_faq#security-03 > Is this enough security? > > _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
