I sent the link to Peter direct yesterday, but if anyone else is
interested--
http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html
~~SAM
> From: "Major Variola (ret)" <[EMAIL PROTECTED]>
> Date: Mon, 04 Nov 2002 08:26:17 -0800
> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> Subjec
On Mon, Nov 04, 2002 at 12:58:55PM -0500, Trei, Peter wrote:
> Durden's question was whether a snooper on an IPSEC VPN can
> tell (for example) an encrypted email packet from an encrypted
> HTTP request.
>
> The answer is no.
>
> All Eve can tell is the FW1 sent FW2 a packet of a certain size.
>
I think this is what you're looking for:
http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html
At 11:17 PM 11/3/02 +0100, Thoenen, Peter Mr. EPS wrote:
>Tried emailing direct but bounced so apologize to the list for the OT
>content :)
>
>You don't happen to have the url do you?
Dear colleague -
I'd like to invite you to attend the 5th Smart Card Research and
Advanced Application Conference, November 21-22 in San Jose, CA.
http://www.usenix.org/events/cardis02/
CARDIS '02, the joint IFIP/USENIX International Conference on Smart
Card Research and Advanced Applications, wi
On Sun, Nov 03, 2002 at 11:23:36AM -0800, Tim May wrote:
> - -- treat text as text, to be sent via whichever mail program one uses,
> or whichever chatroom software (not that encrypted chat rooms are
> likely...but who knows?), or whichever news reader software
http://www.invisible.net is sort o
> Tyler Durden[SMTP:[EMAIL PROTECTED]] wrote
>
>
> But from your previous email, you indicated that the secure IPSEC tunnel
> is
> created by taking the packets, encrypting S/A, D/A, payload and protocol
> fields (ie, pretty much everything) and then dumping them into the payload
>
> of anothe
Peter Trei wrote...
"Durden's question was whether a snooper on an IPSEC VPN can
tell (for example) an encrypted email packet from an encrypted
HTTP request.
The answer is no.
All Eve can tell is the FW1 sent FW2 a packet of a certain size.
The protocol of the encapsulated IP packet, it's true s
> Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
>
>
> At 10:13 AM 11/4/02 -0500, Tyler Durden wrote:
> >This is an interesting issue...how much information can be gleaned from
>
> >encrypted "payloads"?
>
> Traffic analysis (who, how frequently, temporal patterns)
> Size of payload
>
> Is it pos
> Tyler Durden[SMTP:[EMAIL PROTECTED]] writes:
>
>
> "Most the ones I've seen are IPSEC over IPv4. You might be able to glean
> some info from packet size, timing, and ordering, but not much. IPSEC
> takes a plaintext IP packet and treats the whole thing as a data block
> to be encrypted."
>
> S
"Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted."
SO this would indicate that IPSEC creates a sort of blockage from
At 10:13 AM 11/4/02 -0500, Tyler Durden wrote:
>This is an interesting issue...how much information can be gleaned from
>encrypted "payloads"?
Traffic analysis (who, how frequently, temporal patterns)
Size of payload
Is it possible for a switch or whatever that has
>visibility up to layers 4/5/6
EWeek 21 Oct 2002 p 58, "High-tech products invite tech crimes" P.
Coffee
Writing about a consultant who tried to sell a client's software, and
got busted:
"Next time, a code theif may use a "BlackNet" brokerage (as envisioned
in the
widely circulated essay by Timothy May) to avoid such traps."
[
> --
> From: Tyler Durden[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, November 04, 2002 10:13 AM
> To: [EMAIL PROTECTED]
> Subject: RE: What email encryption is actually in use?
>
> The ever-though-provoking Peter Trei wrote...
>
> "A great deal of highly sensitive inte
The ever-though-provoking Peter Trei wrote...
"A great deal of highly sensitive internal
email flows over these links, with the encryption totally transparent
to the end-users."
This is an interesting issue...how much information can be gleaned from
encrypted "payloads"? Is it possible for a swi
> --
> From: Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
> Sent: Friday, November 01, 2002 6:02 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Flight security analysis (was Re: Confiscation of
> Anti-War Video)
>
> At 05:16 PM 11/1/02 -0500, Steve Furlong wrote:
> >But M
At 11:17 PM 11/3/02 +0100, Thoenen, Peter Mr. EPS wrote:
>Tried emailing direct but bounced so apologize to the list for the OT
>content :)
>
>You don't happen to have the url do you? Think it would make an
amusing
>read.
Sorry, no. BTW, my nym is for humor value, and spam-avoidance, not
repli
at Monday, November 04, 2002 3:13 PM, Tyler Durden
> This is an interesting issue...how much information can be gleaned
> from encrypted "payloads"?
Usually, the VPN is an encrypted tunnel from a specified IP (individual
pc or lan) to another specified IP (the outer marker of the lan, usually
the
On Sun, 3 Nov 2002, Lucky Green wrote:
> Tim wrote:
> > Microsoft calls its technology "Palladium." Intel dubs it
> > "LaGrande." "
> >
> > I say we call it "LaGrab."
>
> Has anybody on the list seen any official specs, datasheets, etc. for
> Intel's LaGrande feature set? Any documents that could
> Major Variola (ret)[SMTP:[EMAIL PROTECTED]]
>
> When that trucker kamakazi'd into the state capital in Sacramento last
> year, they decided to put Jersey barriers
> up. Hard to do that in the air (Blimps with nets?)
>
The name for these is 'barrage balloons'. They were
widely deployed during W
> Tim May[SMTP:[EMAIL PROTECTED]]
>
>
> On Saturday, November 2, 2002, at 08:01 PM, Tyler Durden wrote:
>
> > "Prior to that, the encrypted email I've sent in the past year or so
> > has almost always failed, because of version incompatibilities,"
> >
> > While in Telecom I was auditing optica
At 12:41 PM 11/02/2002 -0500, Steve Furlong wrote:
The only business environment I've ever worked in which successfully
used encrypted email mandated specific versions of mail client
(Outlook, ecch) and PGP (integrated into Outlook), had a jackbooted
thug to make sure everyone's keyring was up to
Tim wrote:
> Microsoft calls its technology "Palladium." Intel dubs it
> "LaGrande." "
>
> I say we call it "LaGrab."
Has anybody on the list seen any official specs, datasheets, etc. for
Intel's LaGrande feature set? Any documents that could be donated to
Cryptome's collection? So far, all I ha
At 09:32 PM 10/31/2002 -0800, Tim May wrote:
I'm missing the gist of this scenario.
If the attackers/hijackers cannot get into the cockpit and gain control of
the plane, then the most they can do with disabling/lethal/nerve gases is
to cause the plane to essentially crash randomly...which kills
On Saturday November 2 2002 11:09, Adam Shostack wrote:
> I'd be interested to hear how often email content is protected by any
> form of crypto, including IPsec, Starttls, ssh delivery, or PGP or
> SMIME. There's probably an interesting paper in going out and
> looking at this.
I use GnuPG to th
at Monday, November 04, 2002 2:28 AM, Tim May <[EMAIL PROTECTED]> was seen
to say:
> Those who need to know, know.
Which of course is a viable model, provided you are only using your key
for private email to "those who need to know"
if you are using it for signatures posted to a mailing list though
-BEGIN PGP SIGNED MESSAGE-
If you signed your messages on a regular basis, it would let me know
whether or not you're the same Tim May, I've been reading since back
when toad.com was the only server for the list.
If you're key was signed by anyone I've dealt with, who I know will
actual
26 matches
Mail list logo
