Re: [cryptography] Preserve us from poorly described/implemented crypto

On Wed, 8 Jun 2011, Eugen Leitl wrote: > On Tue, Jun 07, 2011 at 05:18:42PM -0400, Steven Bellovin wrote: > > > > Remember how well the original IBM PC "clicky keyboard" went over (I > > > think > > > I'm the only person in the US who actually liked it - veryone gave me > > > theirs after "up

Re: [cryptography] Preserve us from poorly described/implemented crypto

On Tue, Jun 07, 2011 at 05:18:42PM -0400, Steven Bellovin wrote: > > Remember how well the original IBM PC "clicky keyboard" went over (I think > > I'm the only person in the US who actually liked it - veryone gave me > > theirs after "upgrading to the newer lightweight and silent ones) > > I"m

Re: [cryptography] Preserve us from poorly described/implemented crypto

Steven Bellovin writes: >I"m typing on a large, heavy, clicky IBM keyboard right now... I have a 15-year-old one that's still going strong (not a buckling-spring one, which I was never that much of a fan of, but a keyswitch one), but I'm not sure what I'd do if this one ever failed [0]. Wietse

Re: [cryptography] Preserve us from poorly described/implemented crypto

On Jun 7, 2011, at 3:01 30PM, J.A. Terranson wrote: > > On Tue, 7 Jun 2011, Nico Williams wrote: > >> TEMPEST. >> >> I'd like keyboards with counter-measures (emanation of noise clicks) >> or shielding to be on the market, and built-in for laptops. > > Remember how well the original IBM PC "c

Re: [cryptography] Preserve us from poorly described/implemented crypto

On Tue, Jun 7, 2011 at 2:25 PM, Marsh Ray wrote: > I dunno. Seems like more often than not these days it's security taking a > back seat to the user experience. > > For example, Mozilla is removing the status bar and the SSL lock icon along > with it. A perfect opportunity for a phishing site to p

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 06/07/2011 02:01 PM, J.A. Terranson wrote: On Tue, 7 Jun 2011, Nico Williams wrote: TEMPEST. I'd like keyboards with counter-measures (emanation of noise clicks) or shielding to be on the market, and built-in for laptops. Remember how well the original IBM PC "clicky keyboard" went over

Re: [cryptography] Preserve us from poorly described/implemented crypto

On Tue, Jun 7, 2011 at 2:01 PM, J.A. Terranson wrote: > On Tue, 7 Jun 2011, Nico Williams wrote: >> TEMPEST. >> >> I'd like keyboards with counter-measures (emanation of noise clicks) >> or shielding to be on the market, and built-in for laptops. > > Remember how well the original IBM PC "clicky k

Re: [cryptography] Preserve us from poorly described/implemented crypto

On Tue, 7 Jun 2011, Nico Williams wrote: > TEMPEST. > > I'd like keyboards with counter-measures (emanation of noise clicks) > or shielding to be on the market, and built-in for laptops. Remember how well the original IBM PC "clicky keyboard" went over (I think I'm the only person in the US wh

Re: [cryptography] Preserve us from poorly described/implemented crypto

TEMPEST. I'd like keyboards with counter-measures (emanation of noise clicks) or shielding to be on the market, and built-in for laptops. I wonder whether touch-screen smartphones give off any useful RF emanations regarding touches, drags, screen contents. Anyways, I'm getting out of topic... N

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 06/07/2011 07:18 AM, Ian G wrote: People in tall glass buildings should learn not to throw electronic stones then It's easy, just use a laptop w/ethernet. No wireless, no keyboard loggers. Corporates know how to issue laptops. If the Vice-President of Large Fund Risk Arbitrage (or whate

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 6/06/11 11:57 AM, David G. Koontz wrote: On 5/06/11 6:26 PM, Peter Gutmann wrote: That's the thing, you have to consider the threat model: If anyone's really that desperately interested in watching your tweets about what your cat's doing as you type them then there are far easier attack chan

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 6/06/11 2:53 PM, Marsh Ray wrote: Come on. There are people in tall glass buildings that will be using this keyboard to enter passwords that manage accounts containing millions of dollars on a regular basis. And there's a very high practical limit on the gain of the antenna that could be aime

Re: [cryptography] Preserve us from poorly described/implemented crypto

Bluetooth 4.0 specifies 128 bit AES CCM mode. http://www.bluetooth.com/Pages/low-energy-tech-info.aspx Also found in IEEE 802.15 (Personal Area Networks). The 802 standards can be downloaded without cost for personal use. You have to be Bluetooth SIG member to get Bluetooth standards and they do

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 06/05/2011 08:57 PM, David G. Koontz wrote: On 5/06/11 6:26 PM, Peter Gutmann wrote: That's the thing, you have to consider the threat model: If anyone's really that desperately interested in watching your tweets about what your cat's doing as you type them then there are far easier attack c

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 5/06/11 6:26 PM, Peter Gutmann wrote: > That's the thing, you have to consider the threat model: If anyone's really > that desperately interested in watching your tweets about what your cat's > doing as you type them then there are far easier attack channels than going > through the crypto. >

Re: [cryptography] Preserve us from poorly described/implemented crypto

On 06/05/2011 12:28 AM, Kevin W. Wall wrote: Are you asking if there is only a single hardwired key for that is the same for *all* keyboard / receiver pairs? That would be insane. Yeah no one would ever do anything that dumb...right? I certainly did NOT get that impression. I thought they ju

Re: [cryptography] Preserve us from poorly described/implemented crypto

"Kevin W. Wall" writes: >OTOH, I suppose one could argue that this better than your normal wireless >keyboard which is just communicating over an unencrypted channel. That's the thing, you have to consider the threat model: If anyone's really that desperately interested in watching your tweets a

Re: [cryptography] Preserve us from poorly described/implemented crypto

On Sat, Jun 4, 2011 at 9:46 PM, Stephan Somogyi wrote: > "So what is AES? It's a unique pre-programmed 128-bit encryption key which > is designed to help prevent your keystrokes, which are transmitted > over-the-air, from being intercepted and deciphered." > > I just discovered the preceding at: >

[cryptography] Preserve us from poorly described/implemented crypto

"So what is AES? It's a unique pre-programmed 128-bit encryption key which is designed to help prevent your keystrokes, which are transmitted over-the-air, from being intercepted and deciphered." I just discovered the preceding at: . N