Re: "The Reader of Gentlemen's Mail", by David Kahn

2005-01-09 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, Bill Stewart writes: >My wife was channel-surfing and ran across David Kahn talking about his >recent book >"The Reader of Gentlemen's Mail: Herbert O. Yardley and the Birth of >American Codebreaking". > >ISBN 0300098464, Yale University Press, March 2004 > >Amaz

Schneier to Speak to Boston CPCU (Chartered Property Casualty Underwriter) Society

2005-01-09 Thread R.A. Hettinga
LicataandKelleherHome 137 South Street, Suite 3 Boston, MA 02111-2838 617-451-2140 x312 [EMAIL PROTECTED] Security Consultant Bruce Schneier to Speak in Boston on January 20, 2005 Bruce Schneier, Founder and Chief Technical Officer of Counterpane Inte

Safecracking for the computer scientist

2005-01-09 Thread Matt Blaze
I've been thinking for a while about the relationship between the "human-scale" security systems used to protect the physical world and the cryptologic and software systems that protect the electronic world. I'm increasingly convinced that these areas have far more in common than we might initially th

Entropy and PRNGs

2005-01-09 Thread David Wagner
John Denker writes: >Ben Laurie wrote: >> http://www.apache-ssl.org/randomness.pdf > >I just took a look at the first couple of pages. >IMHO it has much room for improvement. I guess I have to take exception. I disagree. I think Ben Laurie's paper is quite good. I thought your criticisms missed

Re: entropy depletion

2005-01-09 Thread William Allen Simpson
Ian G wrote: (4A) Programs must be audited to ensure that they do not use /dev/random improperly. (4B) Accesses to /dev/random should be logged. I'm confused by this aggressive containment of the entropy/random device. I'm assuming here that /dev/random is the entropy device (better renamed as /dev

Re: entropy depletion (was: SSL/TLS passive sniffing)

2005-01-09 Thread Taral
On Sat, Jan 08, 2005 at 10:46:17AM +0800, Enzo Michelangeli wrote: > But that was precisely my initial position: that the insight on the > internal state (which I saw, by definition, as the loss of entropy by the > generator) that we gain from one bit of output is much smaller than one > full bit.

Re: entropy depletion (was: SSL/TLS passive sniffing)

2005-01-09 Thread Ian G
William Allen Simpson wrote: There are already other worthy comments in the thread(s). This is a great post. One can't stress enough that programmers need programming guidance, not arcane information theoretic concepts. We are using computational devices, and therefore computational infeasibility

Simson Garfinkel analyses Skype - Open Society Institute

2005-01-09 Thread Ian G
Voice Over Internet Protocol and Skype Security Simson L. Garfinkel January 7, 2005 With the increased deployment of high-speed ("broadband") Internet connectivity, a growing number of businesses and individuals are using the Internet for voice telephony, a technique known as Voice over Internet

"The Reader of Gentlemen's Mail", by David Kahn

2005-01-09 Thread Bill Stewart
My wife was channel-surfing and ran across David Kahn talking about his recent book "The Reader of Gentlemen's Mail: Herbert O. Yardley and the Birth of American Codebreaking". ISBN 0300098464, Yale University Press, March 2004 Amazon's page has a couple of good detailed reviews http://www.amaz