That's a very good point Steve. (I generally consider anything that I haven't already thought of as a Good Point). : )
Now who in the world do we think might have the resources to store huge amounts of encrypted internet traffic? [COUGH! nsa COUGH!] http://www.buzzfeed.com/charliewarzel/the-nsa-and-the-real-problem-behind-the-heartbleed-security On Thu, Apr 10, 2014 at 11:54 AM, steve harley <[email protected]> wrote: > on 2014-04-10 10:29 Darren Addy wrote > >> What the HeartBleed Attack Really Means: >> >> http://www.newyorker.com/online/blogs/elements/2014/04/the-internets-telltale-heartbleed.html > > > it's amusing to see the media rush to explain Heartbleed; perhaps it will > increase technical literacy and cause an appropriate correction in the trust > we have for internet services > > that article is surprisingly good, but it misses slightly on what it calls a > "worst-case scenario" -- the worst case is that some entities stored huge > amounts of encrypted internet traffic, even from before the date the bug was > introduced into OpenSSL, and now Heartbleed has been used to get the keys to > unlock that trove > > also unstated is how Heartbleed will encourage more entities to store as > much encrypted traffic as possible on the expectation that there will be > other bugs to get the newer keys > > > > > -- > PDML Pentax-Discuss Mail List > [email protected] > http://pdml.net/mailman/listinfo/pdml_pdml.net > to UNSUBSCRIBE from the PDML, please visit the link directly above and > follow the directions. -- Photographers must learn not to be ashamed to have their photographs look like photographs. ~ Alfred Stieglitz -- PDML Pentax-Discuss Mail List [email protected] http://pdml.net/mailman/listinfo/pdml_pdml.net to UNSUBSCRIBE from the PDML, please visit the link directly above and follow the directions.
