Re: [cryptography] Underhanded Crypto
On 27/11/2014 03:04 am, Ilya Levin wrote: On Thu, Nov 27, 2014 at 1:04 AM, ianG i...@iang.org mailto:i...@iang.org wrote: http://underhandedcrypto.com/__rules/ http://underhandedcrypto.com/rules/ The Underhanded Crypto contest ... And the main prize for a winner would be nearly ruined reputation because nobody would trust his or her design and code ever again. Giving a client solid proof and confirmation of their huge concern about your ability to put some fishy stuff into their system - what else would be more assuring, right? :) Given that it is signalled in advance, and given that for the most part our job is to stop these things and thinking about how to do it is the flip side of the same coin, I suspect reputation isn't an issue. Seems like we'll find out tho, as Peter and Bear are willing to give it a shot. iang ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Underhanded Crypto
ianG i...@iang.org writes: Seems like we'll find out tho, as Peter and Bear are willing to give it a shot. It's not really giving it a shot in my case, it's taking crypto implementation mistakes so old that people have forgotten about them and adding them to recent code. All you need to do in theory is plough through a bunch of old CVEs and update the use from (say) SSH 1.2.09 to something current, and you're done. Peter. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] What Is Good Encryption Software?
Reader asks: What Is Good Encryption Software? http://cryptome.org/2014/11/what-is-good-crypto.htm I have contacted you asking about certain security questions. After reading a few of the Snowden leaked documents, I have started to be more aware of my privacy being at risk. I have a few questions concerning certain programs and safety tips. First, I've recently started to doubt about my encryption software. Is Symantec's PGP Endpoint a good hard drive encryption software? In other words, is it trustworthy since it is an American company. And if not, what encryption software is the best for Mac. Second, is ProtonMail as secure as they say it is? If not, what email provider doesen't let the NSA see into my account. Third, is Jetico inc's Bestcrypt Container Encryption trustworthy? If not, what could be an alternative. Fourth, are these encryption types good? Blowfish, Gost AES - 256bit. And which encryption type remains the best above all? Last, is Kaspersky a good anti-virus software? If not, which one is the best for Mac. - Important, difficult questions, likely to produce a range of answers. We will publish for answers. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] What Is Good Encryption Software?
Looking for Perfect Cryptography: The One-Time Pad http://www.cs.utsa.edu/~wagner/laws/pad.html Simple and Secure. Have Fun! --Michael___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography