Re: Why the poor uptake of encrypted email?
Alec Muffett wrote: Naq bs pbhefr lbh unir gb nepuvir pbcvrf bs gur ybofgre, abg gur fbhc. If we still had finger-plans, this would have made its way into mine. What a great quote! /ji PS: For the rot13-impaired, it reads "And of course you have to archive copies of the lobster, not the soup." - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Dutch Transport Card Broken
The per-card cost need not be such a big problem. Singapore has a proximity-card-based system. They use the same card both for the long-term cards and for the single-use cards. There is a S$ 2 (IIRC) deposit on the card, which is refunded after the card is used. Waste not want not! /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: DRM for batteries
Inkjet cartidges and laserprinter cartridges already have this kind of functionality. Rumor has had it for a long time that Dell has been doing this with their batteries. In any case, the strength of the crypto is irrelevant. What's relevant is the strength of the lawyers arguing that clone makers are violating the DMCA. /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Intercepting Microsoft wireless keyboard communications
How many bits (not just data, also preamble/postamble, sync bits, etc.) is the keyboard sending for each keystroke anyway? Cheers, /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Trillian Secure IM
[EMAIL PROTECTED] wrote: Why bother with all this? There is OTP for gaim, and it works just fine (not to mention it comes from a definitely clueful source). /ji I meant, of course, OTR (off-the-record). And to think that I was using it in another window as I was typing this! Thanks to Scott G. Kelly for pointing this out. /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Trillian Secure IM
Why bother with all this? There is OTP for gaim, and it works just fine (not to mention it comes from a definitely clueful source). /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Seagate announces hardware FDE for laptop and desktop machines
Dave Korn wrote: On 07 September 2007 21:28, Leichter, Jerry wrote: Grow up. *If* the drive vendor keeps the mechanism secret, you have cause for complaint. But can you name a drive vendor who's done anything like that in years? All DVD drive manufacturers. That's why nobody could write a driver for Linux until CSS was cracked, remember? It wasn't the mechanism that was secret so much as the key. CSS was supposed to protect someone else's data. You wouldn't give the key to *your* drive away, would you? /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Seagate announces hardware FDE for laptop and desktop machines
Ivan Krsti? wrote: On Sep 6, 2007, at 6:14 PM, Jacob Appelbaum wrote: other known good implementations of AES128 (CBC? I'm not sure...). Plain AES-CBC is not a great choice for FDE. You can do whatever you'd like to the bits of a given block at the cost of garbling the previous block, which makes binaries a plausible target. Given the size of modern OSes, it might even be an easy one. That's not the threat model; the main use of FDE is to protect the data in a lost/stolen laptop. FWIW, a couple of days ago I got yet another of those letters where a former employer is informing me that they lost my personal data; this time it was AT&T telling me that a laptop with employee benefits on it got stolen. /ji - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]