Tinc's response to Linux's answer to MS-PPTP

2003-09-26 Thread Guus Sliepen
Hello Peter Gutmann and others, Because of its appearance on this mailing list and the Slashdot posting about Linux's answer to MS-PPTP, and in the tinc users' interest, we have created a section about the current security issues in tinc, which currently contains a response to Peter Gutmann's

Re: Reliance on Microsoft called risk to U.S. security

2003-09-26 Thread martin f krafft
also sprach Ian Grigg [EMAIL PROTECTED] [2003.09.25.2253 +0200]: I wouldn't put all of the blame on Microsoft, Schneier said, the problem is the monoculture. On the face of it, this is being too kind and not striking at the core of Microsoft's insecure OS. For example, viruses are almost

Re: Can Eve repeat?

2003-09-26 Thread Greg Troxel
That's pretty much what I was talking about when I said that it may be possible to clone an arbitrarily large proportion of photons - and that Quantum Cryptography may not actually be secure. A key point is the probability that the measurement/cloning operation has of disturbing the

Re: Reliance on Microsoft called risk to U.S. security

2003-09-26 Thread Victor . Duchovni
On Thu, 25 Sep 2003, Ian Grigg wrote: On the face of it, this is being too kind and not striking at the core of Microsoft's insecure OS. For example, viruses are almost totally a Microsoft game, simply because most other systems aren't that vulnerable. While part of the security problems

The Right Touch

2003-09-26 Thread R. A. Hettinga
http://www.forbes.com/forbes/2003/1013/050_print.html Forbes OutFront The Right Touch Elizabeth Corcoran, 10.13.03 We're spending billions for new voting machines that may not be any better than punch cards Three weeks before California was set to vote on Governor Gray Davis' recall, a

efficiency?? vs security with symmetric crypto? (Re: Tinc's response to Linux's answer to MS-PPTP)

2003-09-26 Thread Adam Back
What conceivable trade-offs could you have to make to get acceptable performance out of symmetric crypto encrypted+authenticated tunnel? All ciphers you should be using are like 50MB/sec on a 1Ghz machine!! If you look at eg cebolla (more anonymity than VPN, but it's a nested forward-secret VPN

Re: Reliance on Microsoft called risk to U.S. security

2003-09-26 Thread Bill Frantz
At 6:47 AM -0700 9/26/03, [EMAIL PROTECTED] wrote: While part of the security problems in Windows are Microsoft specific, in my view a large part is inherited from earlier graphiscal desktop designs, and is almost universal in this space. Specifically, when a user clicks (or double-clicks) on an

Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-26 Thread Joseph Ashwood
And a response. I have taken the liberty of copying the various portions of the contents of the webpage to this email for response. I apologize for the formatting confusion which may mistake Peter Gutmann's comments with those of the semi-anonymous misinformed person under scrutiny. I would have

Re: A different Business Model for PKI (was two other subjects related to the demise of Baltimore)

2003-09-26 Thread Peter Gutmann
Ed Reed [EMAIL PROTECTED] writes: 2) PKI vendors looked at that and must have said - gee, if we can get $100-$150/yr/user for managing identity around PKI certificates, why shouldn't we? Actually it's even better than that, the companies using the managed service are still expected to act as

Dan Geer Fired (was re: Technology Firm With Ties to Microsoft Fires Executive Over Criticism)

2003-09-26 Thread R. A. Hettinga
http://info.mgnetwork.com/printthispage.cgi?url=http%3A//ap.tbo.com/ap/breaking/MGASNQR81LD.htmloaspagename=www.tbo.com/ap/story.htmimage=tbologo80x60.jpg Sep 25, 2003 Technology Firm With Ties to Microsoft Fires Executive Over Criticism By Ted Bridis The Associated Press WASHINGTON (AP) - The