Nominum says it has secret advantages over Bind

More security and security politics than crypto, but I thought this was rather interesting to this community: Nominum's Jon Shalowitz is interviewed on why you should buy Nominum's stuff over using open source, oh, pardon, freeware[sic] software: Q: What characterises that open-source,

AES in stick figures

A Stick Figure Guide to the Advanced Encryption Standard (AES) (A play in 4 acts) http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html -Michael Heyman - The Cryptography Mailing List Unsubscribe by sending

Re: FileVault on other than home directories on MacOS?

On Sep 22, 2009, at 5:57 AM, Darren J Moffat wrote: Ivan Krsti wrote: TrueCrypt is a fine solution and indeed very helpful if you need cross-platform encrypted volumes; it lets you trivially make an encrypted USB key you can use on Linux, Windows and OS X. If you're *just* talking about

Re: FileVault on other than home directories on MacOS?

Ivan Krstić wrote: On Sep 22, 2009, at 5:57 AM, Darren J Moffat wrote: There is also a sleep mode issue identified by the NSA Unlike FileVault whose keys (have to) persist in memory for the duration of the login session, individual encrypted disk images are mounted on demand and their keys

[Barker, Elaine B.] NIST Publication Announcements

Forwarded: From: Barker, Elaine B. elaine.bar...@nist.gov To: Barker, Elaine B. elaine.bar...@nist.gov Date: Thu, 24 Sep 2009 15:54:18 -0400 Subject: NIST Publication Announcements NIST announces the completion of two NIST Special Publications (SPs): SP 800-56B, Recommendation for Pair-Wise Key

Interesting way of protecting credit card data on untrusted hosts

A Canadian company called SmartSwipe has come up with an interesting way to protect credit card numbers from most man-in-the-browser attacks. What they do is install a Windows CSP (cryptographic service provider) that acts as a proxy to an external mag-stripe reader with built-in crypto

Re: SHA-1 and Git (was Re: [tahoe-dev] Tahoe-LAFS key management, part 2: Tahoe-LAFS is like encrypted git)

On Mon, Sep 7, 2009 at 6:02 AM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote: That's a rather high cost to pay just for the ability to make a crypto fashion statement.  Even if the ability to negotiate hash algorithms had been built in from the start, this only removes the

OTR splicer for Skype ?

I found the following Adium-based solution for layering OTR atop Skype IM: http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2008-06/msg00224.html ...and was wondering whether anyone has generalised this by creating some open-source, standalone, simple application which talks to the