http://www.nullsoft.com/free/waste/ - Overview
http://www.nullsoft.com/free/waste/security.html - Security section
http://www.nullsoft.com/free/waste/network.html - Network design
http://slashdot.org/article.pl?sid=03/05/29/0140241mode=threadtid=126tid=93
- Slashdot discusssion
Nullsoft, who did
The article hedges on whether or not PGP was used on the Psion mentioned.
The Psion might have been using one of the other programs listed at
http://www.ericlindsay.com/epoc/sicrypt5.htm.
-
The Cryptography Mailing List
Aside from the whole governments-and-people-and-terrorists thing,
I will say that there was an event last year at my former employers'
that made us very glad we were using PGP.
An engineer's laptop got stolen. With the entire source tree of an
enterprise application that licensed for $25K a seat
If the FBI cannot crack PGP that does not mean other
agencies with greater prowess cannot. It is unlikely that
the capability to crack PGP would be publicly revealed
for that would close an invaluable source of information.
Intel crackers hardly ever reveal their most essential
tools, though
I need to find some relatively widely deployed applications which have
frequent user interactions (rapid clicking on links, from as large a
population of links as possible, and also form filling and such).
(it should be pretty obvious what this is for)
I'd like:
0) *rapid*/frequent user
At 1:22 PM -0400 5/29/03, Ian Grigg wrote:
The following appears to be a bone fide case of a
threat model in action against the PGP program.
Leaving aside commentary on the pros and cons
within this example, there is a desparate lack of
real experience in how crypto systems are attacked.
IMHO,