Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Greg
There’s two types of people in security: 1. Those that believe in security. 2. Those that don’t. The ones who say “nothing can be done”, or “it’s impossible” (when the fact is the opposite), and the ones looking for “exceptions to security” without considering ways to mitigate collateral

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Jeffrey Walton
On Fri, Nov 27, 2015 at 5:47 PM, Greg wrote: > Thought this list would be interested in reading about the roll that Google > played in compromising 100k+ users (in addition to Dell): > >

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Stephen Farrell
On 27/11/15 23:43, Jeffrey Walton wrote: > On Fri, Nov 27, 2015 at 5:47 PM, Greg wrote: >> Thought this list would be interested in reading about the roll that Google >> played in compromising 100k+ users (in addition to Dell): >> >>

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Tony Arcieri
On Fri, Nov 27, 2015 at 3:47 PM, Greg wrote: > Thought this list would be interested in reading about the roll that > Google played in compromising 100k+ users (in addition to Dell) Dell puts a malicious certificate in the local trust store and the corresponding private

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Greg
> Dell puts a malicious certificate in the local trust store and the > corresponding private key on all of these systems, and they're a mere > parenthetical in your concerns. I dedicated about a third of the blog post to Dell and basically called them liars. I hardly think that counts as a “

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Greg
If you insist on wasting both our time… > You are literally using it as a pretext to go after Google. No, I talked about Dell, then I talked about Google. Both share blame. > Can you point to a single time in the past you've mentioned Dell's > involvement in this incident without mentioning

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Kevin
On 11/27/2015 5:47 PM, Greg wrote: Thought this list would be interested in reading about the roll that Google played in compromising 100k+ users (in addition to Dell): https://www.reddit.com/r/crypto/comments/3u92aw/dells_tumble_googles_fumble_and_how_government/cxejl5y - Greg

Re: [cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Tony Arcieri
On Fri, Nov 27, 2015 at 7:34 PM, Greg wrote: > I dedicated about a third of the blog post to Dell and basically called > them liars. I hardly think that counts as a “ parenthetical”. > You are literally using it as a pretext to go after Google. Can you point to a single

[cryptography] "There is something Google can do. So they should do it."

2015-11-27 Thread Greg
Thought this list would be interested in reading about the roll that Google played in compromising 100k+ users (in addition to Dell): https://www.reddit.com/r/crypto/comments/3u92aw/dells_tumble_googles_fumble_and_how_government/cxejl5y - Greg signature.asc Description: Message signed with