> Like I've said in the past, bad crypto can be much worse than no
> crypto!
Encode well or do not encode at all. In transmitting cleartext, you give only
a
piece of information to the enemy, and you know what it is; in encoding badly,
you permit him to read all your correspondence and that of your friends.
- Marcel Givierge on improper crypto implementation
Steganography has, recently, generated interest far out of any proportion to
its
real significance. At heart it is security by obscurity, and is, therefore,
inherently
unworkable. Or, if you want a specific crypto reason not to use it, try
Kerckhoffs'
Law: you cannot rely on the secrecy of a crypto algorithm. You must secure the
key.
====================== (quote inserted randomly by Pegasus Mailer)
[email protected] [email protected] [email protected]
Outside of a dog, a book is man's best friend. Inside of a dog,
it's too dark to read. - Groucho Marx
victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html
http://blogs.securiteam.com/index.php/archives/author/p1/
http://www.infosecbc.org/links http://twitter.com/rslade
