Re: Is finding security holes a good idea?

2004-06-15 Thread Thor Lancelot Simon
On Mon, Jun 14, 2004 at 08:07:11AM -0700, Eric Rescorla wrote: in the paper. Roughly speaking: If I as a White Hat find a bug and then don't tell anyone, there's no reason to believe it will result in any intrusions. The bug has to I don't believe that the premise above is valid. To

recommendations/evaluations of free / low-cost crypto libraries

2004-06-15 Thread Amir Herzberg
I will appreciate experience-reports/evaluations/comparisons with free or low cost (and in particular zero `per seat` cost) crypto libraries, especially in C / C++ (or links to web-sites containing them). If I'll get substantial useful information (off-list) I'll try to compile it and send to

Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003)

2004-06-15 Thread R. A. Hettinga
At 4:03 AM -0500 6/15/04, Bruce Schneier wrote: Breaking Iranian Codes Ahmed Chalabi is accused of informing the Iranians that the U.S. had broken its intelligence codes. What exactly did the U.S. break? How could the Iranians verify Chalabi's claim, and what might they do about

Re: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003)

2004-06-15 Thread Peter Gutmann
R. A. Hettinga [EMAIL PROTECTED] forwarded: So now the NSA's secret is out. The Iranians have undoubtedly changed their encryption machines, and the NSA has lost its source of Iranian secrets. But little else is known. Who told Chalabi? Only a few people would know this important U.S. secret,

Post-9/11 laws expand to more than terrorism

2004-06-15 Thread R. A. Hettinga
http://www.timesrecordnews.com/trn/cda/article_print/1,1983,TRN_5707_2962597_ARTICLE-DETAIL-PRINT,00.html Times Record News To print this page, select File then Print from your browser URL: http://www.timesrecordnews.com/trn/nw_washington/article/0,1891,TRN_5707_2962597,00.html Post-9/11 laws

He Pushed the Hot Button of Touch-Screen Voting

2004-06-15 Thread R. A. Hettinga
http://www.nytimes.com/2004/06/15/politics/15vote.html?pagewanted=printposition= The New York Times June 15, 2004 He Pushed the Hot Button of Touch-Screen Voting By KATHARINE Q. SEELYE Kevin Shelley is a big and voluble Irish politician, the son of a former San Francisco mayor, and not the

Re: Is finding security holes a good idea?

2004-06-15 Thread Eric Rescorla
Thor Lancelot Simon [EMAIL PROTECTED] writes: On Mon, Jun 14, 2004 at 08:07:11AM -0700, Eric Rescorla wrote: in the paper. Roughly speaking: If I as a White Hat find a bug and then don't tell anyone, there's no reason to believe it will result in any intrusions. The bug has to I don't

Re: Is finding security holes a good idea?

2004-06-15 Thread Jerrold Leichter
| Thor Lancelot Simon [EMAIL PROTECTED] writes: | | On Mon, Jun 14, 2004 at 08:07:11AM -0700, Eric Rescorla wrote: | Roughly speaking: | If I as a White Hat find a bug and then don't tell anyone, there's no | reason to believe it will result in any intrusions. The bug has to | | I don't