Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-15 Thread Nico Huber
On 14.11.2016 00:29, taii...@gmx.com wrote:
> True, but quality security is about planning for the theoretical and not

So what's your theory?

> just closing the barn door after the animals have left already.

You are implying that SHA-1 will be broken earlier than SHA-2, because of? Seriously, i

Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-13 Thread taii...@gmx.com
True, but quality security is about planning for the theoretical and not just closing the barn door after the animals have left already. I am sure there are quite a lot of things that the public doesn't know about, kept secret by the shady people and organizations of the world

On 11/13/2016 0

Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-13 Thread Nico Huber
On 14.11.2016 00:06, taii...@gmx.com wrote:
> Shouldn't we be using sha256 or sha512? I am not a crypto expert but
> AFAIK couldn't sha1 collisions be easily generated with the type
> of resources available to someone who would want to attack coreboot?

AFAIK, there is no known attack on SHA-

Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-13 Thread taii...@gmx.com
Shouldn't we be using sha256 or sha512? I am not a crypto expert but AFAIK couldn't sha1 collisions be easily generated with the type of resources available to someone who would want to attack coreboot?

On 11/06/2016 07:15 PM, Iru Cai wrote:
buildgcc can verify the SHA1 sum of the tarba

Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-06 Thread Nico Huber
On 06.11.2016 23:30, taii...@gmx.com wrote:
> I suppose you are correct, but would you have rather I didn't mention it?

No, but you could have chosen kindlier words.

>
> I would love to, however I do not have the scripting skills required to
> ensure proper verification and unfortunately there ar

Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-06 Thread taii...@gmx.com
I suppose you are correct, but would you have rather I didn't mention it? I would love to, however I do not have the scripting skills required to ensure proper verification and unfortunately there are multiple dependencies that don't publish gpg signatures. It isn't an easy task if we want close

Re: [coreboot] It appears the build process still uses unverified http wget sources

2016-11-06 Thread Nico Huber
On 06.11.2016 22:44, taii...@gmx.com wrote:
> It is 2016 not 2001 and MITM's are a regular thing so this is a serious
> issue.

Yes, YOU haven't fixed that yet.

--
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

[coreboot] It appears the build process still uses unverified http wget sources

2016-11-06 Thread taii...@gmx.com
It is 2016 not 2001 and MITM's are a regular thing so this is a serious issue.