Steven M. Bellovin wrote:
From a security point of view, why should anyone download any plug-in
from an unknown party? In this very specific case, why should someone
download a a plug-in that by its own description is playing around in
the crypto arena.
I think this is a problem for all open s
[EMAIL PROTECTED] wrote:
> How many users can remember MD5 checksums??? If they were rendered into
> something pronounceable via S/Key like dictionaries it might be more
> useful...
Apologies, last night's answer was too brief to
be useful! Here's the more detailed and coffee
charged explanation
"Steven M. Bellovin" wrote:
> Please don't take this personally...
None taken here, and I doubt that the author
of the tool (who has just joined this list
it seems) would take any!
> >From a security point of view, why should anyone download any plug-in
> from an unknown party? In this very spe
> > From a security point of view, why should anyone download any plug-in
> > from an unknown party? In this very specific case, why should someone
> > download a a plug-in that by its own description is playing around in
> > the crypto arena.
>
> I think this is a problem for all open source
In message <[EMAIL PROTECTED]>, Ian Grigg writes:
>
>Also, to impune the plug-in arrangement is to
>impune all plug-ins, and to impune the download
>from an unknown is to impune all downloads from
>unknowns.
Sounds about right...
...
>
>I.e., "download this fantastic tool" which
>just so annoyi
On Wed, Jun 25, 2003 at 12:02:39PM +0100, Pete Chown wrote:
> On the other hand, once a back door is installed in binary-only
> software, it is much less likely to be found. The Interbase back door
> was only found when the source was opened.
I doubt the truth of this statement. Certainly, the
The Draft Edition of the LibTomMath book [book about how to implement
bignum math] is freely available on my site at
http://book.libtomcrypt.org
Keep in mind it is a draft and has not been edited yet. However, if
you ever wanted to learn how to implement efficient [portable too]
bignum math rout
Just a quick comment. The PDF is not a "web friendly" PDF so you if
you are trying to view it inline with your browser you have to wait for
it to download completely first.
I've managed 80KB/sec off the site so it doesn't take too long to grab
it.Alternatively you can grab the .PDF.BZ2 file a
The Check Point Firewall-1 Docs insist, that the public keys be used
for p and g for the Oakley key exchange. I ask you: is this
possible?
- which of the two pubkeys will be p, which g?
- are they both always primes?
- are they both always suitable generators mod p?
It just seems to me that
On Wed, 25 Jun 2003, tom st denis wrote:
>The Draft Edition of the LibTomMath book [book about how to implement
>bignum math] is freely available on my site at
>
>http://book.libtomcrypt.org
>
>Keep in mind it is a draft and has not been edited yet. However, if
>you ever wanted to learn how to
--- bear <[EMAIL PROTECTED]> wrote:
> One thing that I've noticed for a long time is that there
> are *VERY* few math libraries that don't leave whatever
> numbers they're working with in memory when deallocating
> (deallocating heap via free() or deallocating stack via
> returning from a procedur
11 matches
Mail list logo
