-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/10/2012 06:10 AM, Julian Oliver wrote:
> Seth, your comments about the Quantum Crypto text are excellent > and, on looking more closely, factually correct. I personally don't > think such material has a place in a handbook like this but with > your clarifications it will at least render it great reference > material. Your comments about journaled file-systems and > shredders/wipers were super and so will be added to the next > edition. I think that quantum crypto needs to be explained in the 'book, at least at a high level. In some discussions I've had with people about crypto, someone's always brought up "Quantum computers broke all crypto anyway, so there's no reason to do all of this," followed by a mostly uphill fight to convince them that there's no reliable evidence that there are quantum computers at Ft. Meade pwning us all. In other words, some solid ground to stand on when the trolls come 'round (and the do). I've forked the repo on Github and when I get some time this weekend I'll start working on some stuff. > Missing chapters like Threat Modeling (introducing it to newbies, > first of all) This. So much this. > need to be written, as well as an unintimidating reference table > for strength of encryption by type and threat context. This is > something that came up in I think there is some pretty reliable research out there that can be referenced in the 'book. > Still, I don't think it justifies those few security pros clumsily > (and somewhat destructively) writing off the book entirely. Rather > than being black and white More 'dead duck' discussions, I take it? > when it comes to security it's far more constructive to let people > into the process of learning to think for themselves by > understanding such particular risks; to be aware, agile and > vigilant. Security itself is a process in constant Toolkits, not cookbooks. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Sing loud! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlB3IkYACgkQO9j/K4B7F8EXMACgryyoLanzR9QkyYK9LYRkqu6p JSYAni4rpH18lvs0uE6IsoD7zeuQFS0k =Ocm4 -----END PGP SIGNATURE----- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
