Good article.
http://www.news.com/News/Item/0%2c4%2c40048%2c00.html?dd.ne.txt.0803.03
FBI wiretap worries slow satellite phones
By John Borland
Staff Writer, CNET News.com
August 3, 1999, 4:00 a.m. PT
The Federal Bureau of Investigation is putting the brakes--at least
temporarily--on the
At 02:19 AM 8/3/99, Peter Gutmann wrote:
[1] There isn't any rule of thumb for the work involved in attaining the
higher
assurance levels because it's done so rarely, although in terms of
cost and
time I've seen an estimate of $40M for an A1 Multics (it never
eventuated)
and DEC's A1
On Tue, 3 Aug 1999, bram wrote:
The goal is to make it so that any time someone wants random numbers they
can go to /dev/random, with no required studying of entropy and threat
models and all that yadda yadda yadda which most developers will
rightfully recoil from getting into when all they
On Mon, 2 Aug 1999 [EMAIL PROTECTED] wrote:
Linux's /dev/random uses a very different design, in that it uses a
large pool to store the entropy. As long as you have enough entropy
(i.e., you don't overdraw on the pool's entropy), /dev/random isn't
relying on the cryptographic properties as
Keeping an ITSEC TOE confidential is not unusual. It would be more
unusual to not keep it confidential or at least restricted distribution,
given the contents. It is a major flaw of the scheme...you are trusting
the certifier to enforce a "good" TOE if they are going to give an
E3-High rating.
"Osma" == Osma Ahvenlampi [EMAIL PROTECTED] writes:
Osma Looking at this discussing going round and round, I'm very
Osma inclined to fetch the latest freeswan-snapshot, grep for
Osma /dev/random, and replace all reads with a routine that has it's
Osma own internal Yarrow-like SHA mixer that
At 12:35 PM -0700 8/2/99, John Denker wrote:
2) Network timing may be subject to observation and possibly manipulation
by the attacker. My real-time clocks are pretty coarse (10ms resolution).
This subthread started with a discussion of software to estimate the
entropy of a bitstream, and I
At 10:08 AM 8/4/99 -0400, D. Hugh Redelmeier wrote:
I think that this description reflects an inappropriate understanding
of entropy. Entropy is in some sense spread throughout the whole
output of /dev/urandom. You don't use entropy up, you spread it over
more and more bytes of output. This
--- begin forwarded text
From: [EMAIL PROTECTED]
Date: Wed, 04 Aug 1999 11:10:49 -0500
To: [EMAIL PROTECTED]
Subject: IP: Security of on-line banking studied
Cc: [EMAIL PROTECTED]
Sender: $[EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Source: Washington Times
I have a set of unit vectors, but don't know their coordinates, or even
the dimension of the space they span. I'm given the angle between each
pair of vectors in units of some unknown "unit angle". I'd like to find
the smallest dimension into which the set fits, as well as the range of
values
At 05:44 PM 8/2/99 -0400, Radia Perlman - Boston Center for Networking wrote:
http://thomas.loc.gov/cgi-bin/bdquery/z?d106:h.r.02617:
I'm sure you'll all be enthusiastic about the chance to save your
company tax money.
Amazing! Despite the title, this seems to be a retro-active tax break for
-- BEGIN 2rot-13
David Jablon writes:
Amazing! Despite the title, this seems to be a retro-active tax
break for all developers of snake-oil and other poorly concieved or
poorly implemented cryptography.
Or for that matter, poorly selling. There's nothing in the bill that
requires that
12 matches
Mail list logo