[sent once to tahoe-dev, now copying to cryptography too, sorry for the
duplicate]
At lunch yesterday, Nathan mentioned that he is interested in seeing how
Tahoe's ideas and techniques could trickle outwards and influence the
design of other security systems. And I was complaining about how the
Zooko Wilcox-O'Hearn wrote:
On Wednesday,2009-08-26, at 19:49 , Brian Warner wrote:
Attack B is where Alice uploads a file, Bob gets the filecap and
downloads it, Carol gets the same filecap and downloads it, and
Carol desires to see the same file that Bob saw. ... The attackers
(who may
Hi Brian, all;
I'm all for including merkle trees with HTTP GETs, two items that
spring to mind:
- Appending the location of the hash as you suggest in
#hashtree=ROOTXYZ;http://otherplace which requires no changes to the
webserver.
- Adding a HTTP header with this data but requires something
Michael Walsh wrote:
- Adding a HTTP header with this data but requires something like a
server module or output script. It also doesn't ugly up the URL (but
then again, we have url shortner services for manual typing).
Ah, but see, that loses the security. If the URL doesn't contain the
http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf
A Practical Message Falsification Attack on WPA
Toshihiro Ohigashi and Masakatu Morii
Abstract. In 2008, Beck and Tews have proposed a practical attack on
WPA. Their attack (called the
http://conferences.sigcomm.org/sigcomm/2009/workshops/mobiheld/papers/p31.pdf
ABSTRACT
Modern mobile phones possess three types of capabilities:
computing, communication, and sensing. While these capa-
bilities enable a variety of novel applications, they also raise
serious privacy concerns. We
Heh...
So, we gotta pay for the upgrade in order to use PGP on Snow Leopard?
Whee.
Cheers,
RAH
Begin forwarded message:
From: PGP Corporation dataprotect...@pgp.com
Date: August 28, 2009 6:18:09 PM GMT-04:00
To: r...@ibuc.com
Subject: Important Information for PGP® Desktop Users Running
...and now GPG.
So, Snow Leopard is crypto-less?
Cheers,
RAH
What? I shoulda said sans-crypto?
---
Begin forwarded message:
From: Benjamin Donnachie benja...@py-soft.co.uk
Date: August 28, 2009 7:44:09 PM GMT-04:00
To: @lists.sourceforge.net macgpg-us...@lists.sourceforge.net
It can “...intercept all audio data coming and going to the Skype
process.”
Proof of concept, but polished versions will surely follow.
http://www.scmagazineus.com/Skype-snooping-trojan-detected/article/147537/
-- Jerry