Re: PGP master keys

2006-04-27 Thread Derek Atkins
Quoting Steven M. Bellovin [EMAIL PROTECTED]: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some hot water over its insistence that there are no back doors for law

Re: PGP master keys

2006-04-27 Thread David Shaw
On Wed, Apr 26, 2006 at 09:53:27PM -0400, Steven M. Bellovin wrote: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some hot water over its insistence that there are no back

Re: PGP master keys

2006-04-27 Thread Steven M. Bellovin
On Wed, 26 Apr 2006 22:24:22 -0400, Derek Atkins [EMAIL PROTECTED] wrote: Quoting Steven M. Bellovin [EMAIL PROTECTED]: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some

Judge Hints at Code in 'Da Vinci' Ruling

2006-04-27 Thread David Chessler
http://www.helenair.com/articles/2006/04/26/ap/strange/d8h7t2f8n.txt http://www.helenair.com/articles/2006/04/26/ap/strange/d8h7s6805.prt Judge Hints at Code in 'Da Vinci' Ruling By JENNIFER QUINN LONDON - The judge who presided at the Da Vinci Code copyright infringement trial has put a code

Re: History and definition of the term 'principal'?

2006-04-27 Thread dan
I was manager of development for Project Athena beginning in 1985. Amongst our projects was Kerberos, and, as you know, it was a direct implementation of Needham-Schroeder. Schroeder had been Jerome Saltzer's Ph.D. student and Saltzer was the MIT faculty member in charge of the technical side

Re: History and definition of the term 'principal'?

2006-04-27 Thread Ed Gerck
tmcghan quoted: SDSI's active agents (principals) are keys: specifically, the private keys that sign statements. We identify a principal with the corresponding verification (public) key... Calling a key a principal (and saying that a key speaks) is just a poetic language used in SDSI/SPKI.

Latest Da Vinci mystery: judge's own secret code

2006-04-27 Thread Jeffrey Altman
Latest Da Vinci mystery: judge's own secret code Thu Apr 27, 2006 8:11 AM ET By Peter Graff LONDON (Reuters) - Three weeks after a British court passed judgment in the copyright case involving Dan Brown's bestseller The Da Vinci Code, a lawyer has uncovered what may be a secret message buried in

VoIP and phishing

2006-04-27 Thread leichter_jerrold
From Computerworld: New phishing scam model leverages VoIP Novelty of dialing a phone number lures in the unwary News Story by Cara Garretson APRIL 26, 2006 (NETWORK WORLD) - Small businesses and consumers aren't the only ones enjoying the cost savings of switching to voice over IP

Re: VoIP and phishing

2006-04-27 Thread mis
the other point that should be made about voip is that callerid is trivial to spoof. so if you are counting on the calling party being who they say the are, or even within your company, based on callerid, don't. i predict a round of targeted attacks on help desks and customer service, as well

Re: VoIP and phishing

2006-04-27 Thread leichter_jerrold
| the other point that should be made about voip is that callerid is | trivial to spoof. | | so if you are counting on the calling party being who they say the | are, or even within your company, based on callerid, don't. | | i predict a round of targeted attacks on help desks and customer |

Re: VoIP and phishing

2006-04-27 Thread mis
On Thu, Apr 27, 2006 at 01:12:43PM -0700, [EMAIL PROTECTED] wrote: so if you are counting on the calling party being who they say the are, or even within your company, based on callerid, don't. does anyone know if time ANI from toll free services is still unspoofable? make that real-time

Re: VoIP and phishing

2006-04-27 Thread James Cloos
mis == mis [EMAIL PROTECTED] writes: mis does anyone know if [real-]time ANI from mis toll free services is still unspoofable? No, in general it is not unspoofable. But you probably need the gateway into the PSTN to use SS7 and IMT trunks; and that probably means a CLEC license in the US, or