A more recent version, which appeared at ACSAC in December 2007 can be
found at:
http://www1.cs.columbia.edu/~angelos/Papers/2007/SSARES_ACSAC.pdf
Since then, the student primarily working on this(*) has improved
performance to the point of being able to search a couple of email
messages
Scott G. Kelly wrote:
Here's another approach to password authenticated key exchange with
similar security claims. The underlying mechanism is under
consideration for inclusion in by the 802.11s group in IEEE:
http://www.ietf.org/internet-drafts/draft-harkins-emu-eap-pwd-01.txt
Hmmm. I don't
At 11:36 AM -0400 6/1/08, Ivan KrstiƧ wrote:
The easiest thing for people who _do_ care is still running their
own mail server.
Fully agree. You're in control, all the way to root of the box.
The emergence of reasonably priced VM hosting providers (e.g.
slicehost.com) makes it fairly
Scott G. Kelly wrote:
Ben Laurie wrote:
Scott G. Kelly wrote:
Here's another approach to password authenticated key exchange with
similar security claims. The underlying mechanism is under
consideration for inclusion in by the 802.11s group in IEEE:
| There's an option 2b that might be even more practical: an S/MIME or
| PGP/MIME forwarder. That is, have a trusted party receive your mail,
| but rather than forwarding it intact encrypt it and then forward it to
| your favorite IMAP provider.
Excellent idea! I like it.
Of course, it's
In the essay Better Than Free, Kevin Kelly debates which concepts hold
value online, and how to monetize those values. See
www.kk.org/thetechnium/archives/2008/01/better_than_fre.php
Kelly's point can be very useful: *When copies are free, you need to
sell things which can not be copied.*
Ben Laurie wrote:
Scott G. Kelly wrote:
Here's another approach to password authenticated key exchange with
similar security claims. The underlying mechanism is under
consideration for inclusion in by the 802.11s group in IEEE:
[EMAIL PROTECTED] wrote:
In a video, Christopher Tarnovsky, shows a physical attack on a smart card:
http://blog.wired.com/27bstroke6/2008/05/hacker-at-cente.html
I couldn't tell from the video how long it takes but it doesn't appear
to take more than an hour or so.
I had written up some
Ed Gerck wrote:
In the essay Better Than Free, Kevin Kelly debates which concepts hold
value online, and how to monetize those values. See
www.kk.org/thetechnium/archives/2008/01/better_than_fre.php
Kelly's point can be very useful: *When copies are free, you need to
sell things which can
Victor Duchovni wrote:
On Tue, May 27, 2008 at 08:08:11PM +0100, Dave Korn wrote:
Well spotted. Yes, I guess that's what Jim Youll was asking. And I
should have said seemingly-contradictory. This is, of course, what I
meant by marketeering: when someone asks if your service is insecure
Ben Laurie wrote:
But doesn't that prove the point? The trust that you consequently place
in the web server because of the certificate _cannot_ be copied to
another webserver. That other webserver has to go out and buy its own
copy, with its own domain name it it.
A copy is something
I recently implemented SSARES directly in python and also added
parallelism to the searching. We can now search the a large inbox
(1000+) messages in about 2-4 minutes. Technically, this could be done
on a large scale and be practical, since my implementation is not
fully optimized nor free of
[EMAIL PROTECTED] (Ed Gerck) on Monday, June 2, 2008 wrote:
To trust something, you need to receive information from sources OTHER
than the source you want to trust, and from as many other sources as
necessary according to the extent of the trust you want. With more trust
extent, you are more
Bill Frantz wrote:
[EMAIL PROTECTED] (Ed Gerck) on Monday, June 2, 2008 wrote:
To trust something, you need to receive information from sources OTHER
than the source you want to trust, and from as many other sources as
necessary according to the extent of the trust you want. With more trust
14 matches
Mail list logo
